Lucene search

[email protected]CVE-2006-5888

HistoryNov 14, 2006 - 10:07 p.m.

CVE-2006-5888

2006-11-1422:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5888

sql injection

viewarticle.asp

superfreaker studios upublisher 1.0

remote code execution

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

SQL injection vulnerability in viewarticle.asp in Superfreaker Studios UPublisher 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

CPENameOperatorVersion
superfreaker_studios:upublishersuperfreaker studios upublishereq1.0

CPE	Name	Operator	Version
superfreaker_studios:upublisher	superfreaker studios upublisher	eq	1.0

References

secunia.com/advisories/22840

www.securityfocus.com/archive/1/451372/100/0/threaded

www.vupen.com/english/advisories/2006/4463

exchange.xforce.ibmcloud.com/vulnerabilities/30190

www.exploit-db.com/exploits/2765

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2006-5888

cve1