Lucene search
PRIOn knowledge basePRION:CVE-2006-0908HistoryFeb 28, 2006 - 2:02 a.m.
Sql injection
2006-02-2802:02:00
PRIOn knowledge base
www.prio-n.com
2
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.1%
PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /%2a (/*) sequences with the “ad_click” word in the query string, as demonstrated via the kala parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| php-nuke | eq | 7.8.0-patched3.2 |
Related
cve
cve
CVE-2006-0908
2006-02-28 02:02:00
openvas
openvas
Debian Security Advisory DSA 1264-1 (php4)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1264-1] New php4 packages fix several vulnerabilities
2007-03-07 22:04:16
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.1%
Related for PRION:CVE-2006-0908