Lucene search

K
nvd[email protected]NVD:CVE-2006-1794
HistoryApr 17, 2006 - 10:02 a.m.

CVE-2006-1794

2006-04-1710:02:00
web.nvd.nist.gov
5

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

Low

EPSS

0.015

Percentile

86.8%

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/mambo.php; and (3) the $filter variable to the showCategory function in the com_content component (content.php).

Affected configurations

Nvd
Node
mambomamboRange4.5.3hh
OR
mambomamboMatch4.0.14
OR
mambomamboMatch4.5.1_1.0.9
OR
mambomamboMatch4.5.1a
OR
mambomamboMatch4.5.1abeta
OR
mambomamboMatch4.5.1abeta_2
OR
mambomamboMatch4.5.2
OR
mambomamboMatch4.5.2.1
OR
mambomamboMatch4.5.2.2
OR
mambomamboMatch4.5.2.3
OR
mambomamboMatch4.5.3h
OR
mambomamboMatch4.5_1.0.0
OR
mambomamboMatch4.5_1.0.1
OR
mambomamboMatch4.5_1.0.2
OR
mambomamboMatch4.5_1.0.3_beta
OR
mambomamboMatch4.5_1.0.3_betabeta
VendorProductVersionCPE
mambomambo*cpe:2.3:a:mambo:mambo:*:h:*:*:*:*:*:*
mambomambo4.0.14cpe:2.3:a:mambo:mambo:4.0.14:*:*:*:*:*:*:*
mambomambo4.5.1_1.0.9cpe:2.3:a:mambo:mambo:4.5.1_1.0.9:*:*:*:*:*:*:*
mambomambo4.5.1acpe:2.3:a:mambo:mambo:4.5.1a:*:*:*:*:*:*:*
mambomambo4.5.1acpe:2.3:a:mambo:mambo:4.5.1a:beta:*:*:*:*:*:*
mambomambo4.5.1acpe:2.3:a:mambo:mambo:4.5.1a:beta_2:*:*:*:*:*:*
mambomambo4.5.2cpe:2.3:a:mambo:mambo:4.5.2:*:*:*:*:*:*:*
mambomambo4.5.2.1cpe:2.3:a:mambo:mambo:4.5.2.1:*:*:*:*:*:*:*
mambomambo4.5.2.2cpe:2.3:a:mambo:mambo:4.5.2.2:*:*:*:*:*:*:*
mambomambo4.5.2.3cpe:2.3:a:mambo:mambo:4.5.2.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

Low

EPSS

0.015

Percentile

86.8%