Lucene search

[email protected]NVD:CVE-2006-3262

HistoryJun 27, 2006 - 9:05 p.m.

CVE-2006-3262

2006-06-2721:05:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.031

Percentile

91.1%

JSON

SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.

Affected configurations

Nvd

Node

mambomamboRange≤4.6rc1

VendorProductVersionCPE
mambomambo*cpe:2.3:a:mambo:mambo:*:rc1:*:*:*:*:*:*

Vendor	Product	Version	CPE
mambo	mambo	*	cpe:2.3:a:mambo:mambo::rc1::::::*

References

retrogod.altervista.org/mambo_46rc1_sql.html

secunia.com/advisories/20745

securityreason.com/securityalert/1158

securitytracker.com/id?1016334

www.mamboserver.com/?option=com_content&task=view&id=207

www.osvdb.org/26624

www.securityfocus.com/archive/1/437496/100/100/threaded

www.securityfocus.com/bid/18492

www.vupen.com/english/advisories/2006/2416

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.031

Percentile

91.1%

JSON

Related for NVD:CVE-2006-3262

cve1 exploitdb2 cvelist1 freebsd1 openvas2 nessus1