Lucene search

PRIOn knowledge basePRION:CVE-2006-2301

HistoryMay 11, 2006 - 10:02 a.m.

Sql injection

2006-05-1110:02:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.2%

JSON

SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password fields.

CPENameOperatorVersion
galerieq2.0

CPE	Name	Operator	Version
	galeri	eq	2.0

References

secunia.com/advisories/20049

securityreason.com/securityalert/866

securitytracker.com/id?1016053

www.osvdb.org/25426

www.securityfocus.com/archive/1/433358

www.securityfocus.com/bid/17923

www.vupen.com/english/advisories/2006/1768

exchange.xforce.ibmcloud.com/vulnerabilities/26364

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for PRION:CVE-2006-2301

cve1