Lucene search
HistoryJan 09, 2009 - 6:30 p.m.
CVE-2009-0106
cve
2009
0106
sql injection
phpauctions
phpauctionsystem
remote attackers
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
Affected configurations
Node
phpauctionsphpauctionsMatch_nil_
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpauctions:phpauctions | phpauctions | eq | _nil_ |
Related
prion
prion
Sql injection
2009-01-09 18:30:00
Sql injection
2009-04-08 10:30:00
nvd
nvd
CVE-2009-0106
2009-01-09 18:30:03
CVE-2008-6663
2009-04-08 10:30:00
cvelist
cvelist
CVE-2009-0106
2009-01-09 18:00:00
CVE-2008-6663
2009-04-08 10:00:00
cve
cve
CVE-2008-6663
2009-04-08 10:30:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.6%
Related for CVE-2009-0106