Lucene search

K
nvd[email protected]NVD:CVE-2006-3239
HistoryJun 27, 2006 - 10:05 a.m.

CVE-2006-3239

2006-06-2710:05:00
web.nvd.nist.gov
3

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

61.2%

SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter.

Affected configurations

Nvd
Node
vbzoomvbzoomMatch1.00
OR
vbzoomvbzoomMatch1.01
OR
vbzoomvbzoomMatch1.11
VendorProductVersionCPE
vbzoomvbzoom1.00cpe:2.3:a:vbzoom:vbzoom:1.00:*:*:*:*:*:*:*
vbzoomvbzoom1.01cpe:2.3:a:vbzoom:vbzoom:1.01:*:*:*:*:*:*:*
vbzoomvbzoom1.11cpe:2.3:a:vbzoom:vbzoom:1.11:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

61.2%

Related for NVD:CVE-2006-3239