CVE-2006-1710

Опубликовано: 11 апр. 2006

Источник: nvd

CVSS2: 7.6

EPSS Низкий

Описание

SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters.

Ссылки

http://secunia.com/advisories/19601
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/17435
Exploit
http://www.vupen.com/english/advisories/2006/1299
https://exchange.xforce.ibmcloud.com/vulnerabilities/25699
https://www.exploit-db.com/exploits/1653
http://secunia.com/advisories/19601
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/17435
Exploit
http://www.vupen.com/english/advisories/2006/1299
https://exchange.xforce.ibmcloud.com/vulnerabilities/25699
https://www.exploit-db.com/exploits/1653

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:design_nation:dnguestbook:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00862

Низкий

7.6 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3w6w-26ch-mqc9

github

почти 4 года назад