Lucene search

[email protected]CVE-2006-6337

HistoryDec 07, 2006 - 1:28 a.m.

CVE-2006-6337

2006-12-0701:28:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2006-6337

sql injection

giris.asp

aspee

dogantepe ziyaretci defteri

security vulnerability

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.1%

JSON

Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter.

Affected configurations

NVD

Node

aspindiraspee_ziyaretci_defteri

CPENameOperatorVersion
aspindir:aspee_ziyaretci_defteriaspindir aspee ziyaretci defterieq*

CPE	Name	Operator	Version
aspindir:aspee_ziyaretci_defteri	aspindir aspee ziyaretci defteri	eq	*

References

secunia.com/advisories/23291

www.securityfocus.com/archive/1/453234/100/0/threaded

www.securityfocus.com/archive/1/454589/100/0/threaded

www.securityfocus.com/bid/21398

www.securityfocus.com/bid/21627

www.vupen.com/english/advisories/2006/4825

exchange.xforce.ibmcloud.com/vulnerabilities/30919

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.1%

JSON

Related for CVE-2006-6337

cvelist1 nvd1