CVE-2006-2959

2006-06-1220:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie.

References

forum.snitz.com/forum/topic.asp?TOPIC_ID=62049

securityreason.com/securityalert/1075

securitytracker.com/id?1016267

www.kapda.ir/advisory-343.html

www.securityfocus.com/archive/1/436702/100/0/threaded

www.securityfocus.com/bid/18362

exchange.xforce.ibmcloud.com/vulnerabilities/27080