CVE-2006-4347

2006-08-2421:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.1%

JSON

SQL injection vulnerability in user logon authentication request handling in Cool_CoolD.exe in Cool Manager 5.0 (5,60,90,28) and Cool Messenger Office/School Server 5.5 (5,65,12,13) allows remote attackers to execute arbitrary SQL commands via the username field.

References

archives.neohapsis.com/archives/fulldisclosure/2006-08/0605.html

secunia.com/advisories/21569

vuln.sg/coolmessenger55-en.html

www.osvdb.org/28117

www.securityfocus.com/bid/19669

www.vupen.com/english/advisories/2006/3362

exchange.xforce.ibmcloud.com/vulnerabilities/28531