CVE-2006-0856

Опубликовано: 23 фев. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the Username parameter.

Ссылки

http://secunia.com/advisories/18823
http://www.evuln.com/vulns/66/summary.html
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/425317/100/0/threaded
http://www.securityfocus.com/bid/16609
http://www.vupen.com/english/advisories/2006/0543
https://exchange.xforce.ibmcloud.com/vulnerabilities/24544
http://secunia.com/advisories/18823
http://www.evuln.com/vulns/66/summary.html
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/425317/100/0/threaded
http://www.securityfocus.com/bid/16609
http://www.vupen.com/english/advisories/2006/0543
https://exchange.xforce.ibmcloud.com/vulnerabilities/24544

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scriptme:sme_gb_host:1.21:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01612

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-79r9-rp8p-w25h

github

почти 4 года назад