CVE-2006-0252

Опубликовано: 18 янв. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters.

Ссылки

http://evuln.com/vulns/30/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18462
Vendor Advisory
http://securitytracker.com/id?1015491
Exploit
Vendor Advisory
http://www.osvdb.org/22449
http://www.securityfocus.com/archive/1/422052/100/0/threaded
http://www.securityfocus.com/bid/16242
Vendor Advisory
http://www.vupen.com/english/advisories/2006/0190
https://exchange.xforce.ibmcloud.com/vulnerabilities/24120
http://evuln.com/vulns/30/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18462
Vendor Advisory
http://securitytracker.com/id?1015491
Exploit
Vendor Advisory
http://www.osvdb.org/22449
http://www.securityfocus.com/archive/1/422052/100/0/threaded
http://www.securityfocus.com/bid/16242
Vendor Advisory
http://www.vupen.com/english/advisories/2006/0190
https://exchange.xforce.ibmcloud.com/vulnerabilities/24120

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:benders_calendar:benders_calendar:*:*:*:*:*:*:*:*

Версия до 1.0 (включая)

EPSS

Процентиль: 81%

0.01467

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3jph-25vj-7g8w

github

почти 4 года назад