Lucene search

[email protected]CVE-2006-6606

HistoryDec 18, 2006 - 2:28 a.m.

CVE-2006-6606

2006-12-1802:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6606

sql injection

clarens

jclarens

remote attack

nvd

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Multiple SQL injection vulnerabilities in Clarens jclarens before 0.6.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
clarens:jclarensclarens jclarenseq0.6.1

CPE	Name	Operator	Version
clarens:jclarens	clarens jclarens	eq	0.6.1

References

secunia.com/advisories/23350

sourceforge.net/project/shownotes.php?release_id=470844

www.securityfocus.com/bid/21588

www.vupen.com/english/advisories/2006/5001

exchange.xforce.ibmcloud.com/vulnerabilities/30881

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON