CVE-2006-0184

Опубликовано: 12 янв. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in AspTopSites allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to goto.asp or (2) password parameter to includeloginuser.asp.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0351.html
http://secunia.com/advisories/18408
Vendor Advisory
http://www.exploitlabs.com/files/advisories/EXPL-A-2006-001-asptopsites.txt
Exploit
Vendor Advisory
http://www.osvdb.org/22330
http://www.vupen.com/english/advisories/2006/0146
https://exchange.xforce.ibmcloud.com/vulnerabilities/24072
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0351.html
http://secunia.com/advisories/18408
Vendor Advisory
http://www.exploitlabs.com/files/advisories/EXPL-A-2006-001-asptopsites.txt
Exploit
Vendor Advisory
http://www.osvdb.org/22330
http://www.vupen.com/english/advisories/2006/0146
https://exchange.xforce.ibmcloud.com/vulnerabilities/24072

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mainenet_enterprises:asptopsites:*:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00963

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-548q-xwcv-2fpv

github

почти 4 года назад