CVE-2006-2279

Опубликовано: 10 мая 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php.

Ссылки

http://secunia.com/advisories/20034
Vendor Advisory
http://securityreason.com/securityalert/862
http://www.osvdb.org/25362
http://www.osvdb.org/25363
http://www.securityfocus.com/archive/1/433052/100/0/threaded
http://www.securityfocus.com/bid/17848
http://www.vupen.com/english/advisories/2006/1708
https://exchange.xforce.ibmcloud.com/vulnerabilities/26293
http://secunia.com/advisories/20034
Vendor Advisory
http://securityreason.com/securityalert/862
http://www.osvdb.org/25362
http://www.osvdb.org/25363
http://www.securityfocus.com/archive/1/433052/100/0/threaded
http://www.securityfocus.com/bid/17848
http://www.vupen.com/english/advisories/2006/1708
https://exchange.xforce.ibmcloud.com/vulnerabilities/26293

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:arabless:saphplesson:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01462

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3r3w-wq5c-9cqp

github

почти 4 года назад