CVE-2006-5772

2006-11-0623:00:00

mitre

www.cve.org

AI Score

8.7

Confidence

Low

EPSS

0.004

Percentile

74.9%

JSON

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) prod parameter.

References

secunia.com/advisories/22664

www.freewebshop.org/index.php?id=27

www.vupen.com/english/advisories/2006/4332

exchange.xforce.ibmcloud.com/vulnerabilities/29990

www.exploit-db.com/exploits/2704