Lucene search

[email protected]CVE-2006-5880

HistoryNov 14, 2006 - 7:07 p.m.

CVE-2006-5880

2006-11-1419:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5880

sql injection

switch.asp

munch pro 1.0

security vulnerability

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.7%

JSON

SQL injection vulnerability on the subMenu page in switch.asp in Munch Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

CPENameOperatorVersion
isystems:munch_proisystems munch proeq1.0

CPE	Name	Operator	Version
isystems:munch_pro	isystems munch pro	eq	1.0

References

secunia.com/advisories/22844

www.securityfocus.com/bid/21044

www.vupen.com/english/advisories/2006/4464

exchange.xforce.ibmcloud.com/vulnerabilities/30185

www.exploit-db.com/exploits/2761

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2006-5880

prion1 cve1