Lucene search

PRIOn knowledge basePRION:CVE-2006-1811

HistoryApr 18, 2006 - 10:02 a.m.

Sql injection

2006-04-1810:02:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

55.6%

JSON

Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) forumid, or (3) threadid parameter to index.php; the (4) ICQ, (5) AIM, (6) MSN, (7) Google Talk, (8) Website Name, (9) Website Address, (10) Email Address, (11) Location, (12) Signature, and (13) Sub-Titles fields in the user profile; or (14) flexbb_password field in a cookie.

CPENameOperatorVersion
flexbbeq0.5.5-beta

CPE	Name	Operator	Version
	flexbb	eq	0.5.5-beta

References

www.securityfocus.com/archive/1/431121/100/0/threaded

www.securityfocus.com/bid/17574

9.2 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

55.6%

JSON

Related for PRION:CVE-2006-1811

cve1