Lucene search

[email protected]CVE-2006-6794

HistoryDec 28, 2006 - 12:28 a.m.

CVE-2006-6794

2006-12-2800:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6794

sql injection

efkan forum

security vulnerability

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.7%

JSON

SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the grup parameter.

CPENameOperatorVersion
efkan_forum:efkan_forumefkan forumeq1.0

CPE	Name	Operator	Version
efkan_forum:efkan_forum	efkan forum	eq	1.0

References

securityreason.com/securityalert/2066

www.securityfocus.com/archive/1/455205/100/0/threaded

www.securityfocus.com/bid/21726

www.vupen.com/english/advisories/2006/5150

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.7%

JSON

Related for CVE-2006-6794

cve1