CVE-2006-1569

Опубликовано: 01 апр. 2006

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.

Ссылки

http://evuln.com/vulns/115/summary.html
http://secunia.com/advisories/19475
Vendor Advisory
http://www.osvdb.org/24297
http://www.osvdb.org/24298
http://www.osvdb.org/24299
http://www.securityfocus.com/archive/1/431001/100/0/threaded
http://www.securityfocus.com/bid/17336
http://www.vupen.com/english/advisories/2006/1186
https://exchange.xforce.ibmcloud.com/vulnerabilities/25578
http://evuln.com/vulns/115/summary.html
http://secunia.com/advisories/19475
Vendor Advisory
http://www.osvdb.org/24297
http://www.osvdb.org/24298
http://www.osvdb.org/24299
http://www.securityfocus.com/archive/1/431001/100/0/threaded
http://www.securityfocus.com/bid/17336
http://www.vupen.com/english/advisories/2006/1186
https://exchange.xforce.ibmcloud.com/vulnerabilities/25578

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redcms:redcms:0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04932

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5jch-vpg3-pqjm

github

почти 4 года назад