CVE-2006-1947

Опубликовано: 20 апр. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters.

Ссылки

http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html
http://secunia.com/advisories/19720
Vendor Advisory
http://www.securityfocus.com/bid/17617
Exploit
http://www.vupen.com/english/advisories/2006/1423
https://exchange.xforce.ibmcloud.com/vulnerabilities/25918
http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html
http://secunia.com/advisories/19720
Vendor Advisory
http://www.securityfocus.com/bid/17617
Exploit
http://www.vupen.com/english/advisories/2006/1423
https://exchange.xforce.ibmcloud.com/vulnerabilities/25918

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nicplex:plexum:*:*:*:*:*:*:*:*

Версия до x5 (включая)

EPSS

Процентиль: 61%

0.00421

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pv2p-87j4-xhr2

github

почти 4 года назад