exploitDog

CVE-2006-1685

Опубликовано: 11 апр. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality. NOTE: this vulnerability also allows resultant path disclosure when the SQL queries are invalid.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apt:apt-webshop-system:3.0:*:basic:*:*:*:*:*

cpe:2.3:a:apt:apt-webshop-system:3.0:*:light:*:*:*:*:*

cpe:2.3:a:apt:apt-webshop-system:4.0:*:pro:*:*:*:*:*

EPSS

Процентиль: 63%

0.00446

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jq2j-c7xr-7r39

github

почти 4 года назад

Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality. NOTE: this vulnerability also allows resultant path disclosure when the SQL queries are invalid.

EPSS

Процентиль: 63%

0.00446

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other