CVE-2006-5450

2006-10-2317:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters.

References

secunia.com/advisories/22493

securityreason.com/securityalert/1757

www.osvdb.org/29901

www.securityfocus.com/archive/1/449227/100/0/threaded

www.securityfocus.com/bid/20607

www.vupen.com/english/advisories/2006/4130

exchange.xforce.ibmcloud.com/vulnerabilities/29683