Lucene search

[email protected]CVE-2006-6559

HistoryDec 14, 2006 - 6:28 p.m.

CVE-2006-6559

2006-12-1418:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6559

sql injection

productdetails.asp

lotfian request for travel 1.0

pid parameter

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.3%

JSON

SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter.

Affected configurations

NVD

Node

lotfianrequest_for_travelMatch1.0

CPENameOperatorVersion
lotfian:request_for_travellotfian request for traveleq1.0

CPE	Name	Operator	Version
lotfian:request_for_travel	lotfian request for travel	eq	1.0

References

www.vupen.com/english/advisories/2006/4933

exchange.xforce.ibmcloud.com/vulnerabilities/30836

www.exploit-db.com/exploits/2908

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.3%

JSON

Related for CVE-2006-6559

cvelist1 nvd1