Lucene search

PRIOn knowledge basePRION:CVE-2006-2139

HistoryMay 02, 2006 - 10:02 a.m.

Sql injection

2006-05-0210:02:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to © delete.php, or (8) tablename parameter to (d) searchnews.php.

CPENameOperatorVersion
php_newsfeedeq2004723.0.0

CPE	Name	Operator	Version
	php_newsfeed	eq	2004723.0.0

References

evuln.com/vulns/129/summary.html

secunia.com/advisories/19904

www.osvdb.org/25132

www.osvdb.org/25133

www.osvdb.org/25134

www.osvdb.org/25135

www.securityfocus.com/bid/17757

www.vupen.com/english/advisories/2006/1574

exchange.xforce.ibmcloud.com/vulnerabilities/26205

9.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for PRION:CVE-2006-2139

cve1