Lucene search

[email protected]CVE-2006-6861

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-6861

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6861

sql injection

outfront spooky login 2.7

remote attackers

nvd

9.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

52.8%

JSON

Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp.

CPENameOperatorVersion
outfront:spooky_loginoutfront spooky logineq2.7

CPE	Name	Operator	Version
outfront:spooky_login	outfront spooky login	eq	2.7

References

www.securityfocus.com/archive/1/455603/100/0/threaded

www.securityfocus.com/bid/21822

9.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

52.8%

JSON