Lucene search

[email protected]CVE-2006-7092

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2006-7092

2007-03-0221:18:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-7092

sql injection

mambo laithai

security vulnerability

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.9%

JSON

SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.

CPENameOperatorVersion
mamboxchange:laithaimamboxchange laithaile4.5.4

CPE	Name	Operator	Version
mamboxchange:laithai	mamboxchange laithai	le	4.5.4

References

mamboxchange.com/forum/forum.php?forum_id=7767

secunia.com/advisories/22263

www.securityfocus.com/bid/20413

www.vupen.com/english/advisories/2006/3953

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for CVE-2006-7092

cvelist1