Lucene search

[email protected]CVE-2006-6398

HistoryDec 08, 2006 - 1:28 a.m.

CVE-2006-6398

2006-12-0801:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

vulnerability

superfreaker studios upublisher

remote attack

nvd

cve-2006-6398

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.5%

JSON

Multiple SQL injection vulnerabilities in Superfreaker Studios UPublisher 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (a) sendarticle.asp and (b) printarticle.asp, and the ID parameter to © index.asp and (d) preferences.asp, different vectors than CVE-2006-5888.

CPENameOperatorVersion
superfreaker_studios:upublishersuperfreaker studios upublishereq1.0

CPE	Name	Operator	Version
superfreaker_studios:upublisher	superfreaker studios upublisher	eq	1.0

References

secunia.com/advisories/22840

www.securityfocus.com/archive/1/453462/100/0/threaded

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.5%

JSON

Related for CVE-2006-6398

cve1