Lucene search
HistoryDec 07, 2006 - 1:28 a.m.
CVE-2006-6342
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
55.3%
Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in (b) detail.asp.
Affected configurations
Node
klf-designklf-realty
| Vendor | Product | Version | CPE |
|---|---|---|---|
| klf-design | klf-realty | * | cpe:2.3:a:klf-design:klf-realty:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-6342
2006-12-07 01:00:00
exploitdb
exploitdb
Klf-Realty 2.0 - 'detail.asp?property_id' SQL Injection
2006-11-20 00:00:00
Klf-Realty 2.0 - 'search_listing.asp' Multiple SQL Injections
2006-11-20 00:00:00
cve
cve
CVE-2006-6342
2006-12-07 01:28:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
55.3%
Related for NVD:CVE-2006-6342