Lucene search

MitreCVE-2006-5917

HistoryNov 15, 2006 - 3:07 p.m.

CVE-2006-5917

2006-11-1515:07:00

mitre

web.nvd.nist.gov

cve

sql injection

omnistar article manager

remote code execution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.012

Percentile

85.4%

JSON

Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in © articles/pages.php.

Affected configurations

Nvd

Node

omnistar_interactiveomnistar_article_manager

VendorProductVersionCPE
omnistar_interactiveomnistar_article_manager*cpe:2.3:a:omnistar_interactive:omnistar_article_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
omnistar_interactive	omnistar_article_manager	*	cpe:2.3:a:omnistar_interactive:omnistar_article_manager::::::::

References

s-a-p.ca/index.php?page=OurAdvisories&id=10

secunia.com/advisories/22794

securityreason.com/securityalert/1865

securitytracker.com/id?1017208

www.securityfocus.com/archive/1/451045/100/0/threaded

www.securityfocus.com/bid/20990

www.vupen.com/english/advisories/2006/4449

exchange.xforce.ibmcloud.com/vulnerabilities/30166

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.012

Percentile

85.4%

JSON

Related for CVE-2006-5917