Lucene search

K
cve[email protected]CVE-2006-6282
HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6282

2006-12-0411:28:00
web.nvd.nist.gov
25
cve-2006-6282
vikingboard 0.1.2
sql error
remote attack
php vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if display_errors is enabled, but due to lack of details, even this is not clear.

Affected configurations

NVD
Node
vikingboardvikingboardMatch0.1.2

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

Related for CVE-2006-6282