Lucene search

[email protected]CVE-2006-6807

HistoryDec 28, 2006 - 9:28 p.m.

CVE-2006-6807

2006-12-2821:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6807

sql injection

softwebs nepal

ananda real estate

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

JSON

SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter.

CPENameOperatorVersion
softwebs_nepal:ananda_real_estatesoftwebs nepal ananda real estatele3.4

CPE	Name	Operator	Version
softwebs_nepal:ananda_real_estate	softwebs nepal ananda real estate	le	3.4

References

secunia.com/advisories/23506

www.securityfocus.com/bid/21771

www.vupen.com/english/advisories/2006/5179

www.exploit-db.com/exploits/3001

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

JSON

Related for CVE-2006-6807

prion1 cve1