CVE-2006-0919

Опубликовано: 28 фев. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Ссылки

http://secunia.com/advisories/18993
http://www.h4cky0u.org/advisories/HYSA-2006-003-oi-email.txt
Exploit
Vendor Advisory
http://www.osvdb.org/23462
http://www.securityfocus.com/archive/1/425924/100/0/threaded
http://www.vupen.com/english/advisories/2006/0718
http://secunia.com/advisories/18993
http://www.h4cky0u.org/advisories/HYSA-2006-003-oi-email.txt
Exploit
Vendor Advisory
http://www.osvdb.org/23462
http://www.securityfocus.com/archive/1/425924/100/0/threaded
http://www.vupen.com/english/advisories/2006/0718

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oi:email_marketing_system:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00743

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2h7x-5525-cw8v

github

почти 4 года назад