CVE-2006-5217

2006-10-0921:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.6%

JSON

SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows remote attackers to execute arbitrary SQL commands by simultaneously injecting into the user name and pass fields in uyegiris.asp, also known as the Kullanici Adi (k_a) and Sifre (sifre) parameters.

References

securityreason.com/securityalert/1700

www.securityfocus.com/archive/1/447914/100/0/threaded

www.securityfocus.com/bid/20378

exchange.xforce.ibmcloud.com/vulnerabilities/29380