Lucene search

[email protected]NVD:CVE-2006-1000

HistoryMar 06, 2006 - 8:06 p.m.

CVE-2006-1000

2006-03-0620:06:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.4%

JSON

Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.

Affected configurations

NVD

Node

g2softpentacle_in-out_boardMatch6.03

References

lists.grok.org.uk/pipermail/full-disclosure/2006-February/042524.html

lists.grok.org.uk/pipermail/full-disclosure/2006-February/042525.html

secunia.com/advisories/19024

securitytracker.com/id?1015682

www.nukedx.com/?viewdoc=13

www.nukedx.com/?viewdoc=14

www.securityfocus.com/archive/1/426074/100/0/threaded

www.securityfocus.com/archive/1/426075/100/0/threaded

www.securityfocus.com/bid/16818

www.vupen.com/english/advisories/2006/0749

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.4%

JSON

Related for NVD:CVE-2006-1000

cve1 cvelist1 prion1