Lucene search

[email protected]NVD:CVE-2006-5892

HistoryNov 14, 2006 - 10:07 p.m.

CVE-2006-5892

2006-11-1422:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.004

Percentile

72.1%

JSON

SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

Nvd

Node

the_net_guysaspired2pollRange≤1.0

VendorProductVersionCPE
the_net_guysaspired2poll*cpe:2.3:a:the_net_guys:aspired2poll:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
the_net_guys	aspired2poll	*	cpe:2.3:a:the_net_guys:aspired2poll::::::::

References

secunia.com/advisories/22796

www.securityfocus.com/archive/1/451320/100/0/threaded

www.securityfocus.com/bid/20987

www.vupen.com/english/advisories/2006/4428

exchange.xforce.ibmcloud.com/vulnerabilities/30160

www.exploit-db.com/exploits/2746

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.004

Percentile

72.1%

JSON

Related for NVD:CVE-2006-5892

cvelist1 exploitdb1 cve1