Lucene search

[email protected]CVE-2006-5828

HistoryNov 10, 2006 - 1:07 a.m.

CVE-2006-5828

2006-11-1001:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

detail.php

deltascripts

php classifieds

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.7%

JSON

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

CPENameOperatorVersion
deltascripts:php_classifiedsdeltascripts php classifiedseq6.0.5
deltascripts:php_classifiedsdeltascripts php classifiedseq6.18
deltascripts:php_classifiedsdeltascripts php classifiedseq7.1
deltascripts:php_classifiedsdeltascripts php classifiedseq6.20

CPE	Name	Operator	Version
deltascripts:php_classifieds	deltascripts php classifieds	eq	6.0.5
deltascripts:php_classifieds	deltascripts php classifieds	eq	6.18
deltascripts:php_classifieds	deltascripts php classifieds	eq	7.1
deltascripts:php_classifieds	deltascripts php classifieds	eq	6.20

References

secunia.com/advisories/22704

www.securityfocus.com/bid/20935

www.vupen.com/english/advisories/2006/4403

exchange.xforce.ibmcloud.com/vulnerabilities/30023

www.exploit-db.com/exploits/2720

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.7%

JSON

Related for CVE-2006-5828

cve1 prion1