Lucene search

[email protected]CVE-2006-6218

HistoryDec 01, 2006 - 1:28 a.m.

CVE-2006-6218

2006-12-0101:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6218

sql injection

index.php

dev4u cms

security vulnerability

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.5%

JSON

Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow remote attackers to execute arbitrary SQL commands via the (1) seite_id, (2) gruppe_id.php, and (3) go_target parameters.

CPENameOperatorVersion
dev4u:dev4u_cmsdev4u dev4u cmseq*

CPE	Name	Operator	Version
dev4u:dev4u_cms	dev4u dev4u cms	eq	*

References

www.majorsecurity.de/index_2.php?major_rls=major_rls36

www.securityfocus.com/archive/1/452008/100/200/threaded

www.securityfocus.com/bid/21170

exchange.xforce.ibmcloud.com/vulnerabilities/30395

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.5%

JSON