CVE-2006-2993

Опубликовано: 13 июн. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp.

Ссылки

http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html
http://secunia.com/advisories/20554
Vendor Advisory
http://www.osvdb.org/26281
http://www.osvdb.org/26282
http://www.securityfocus.com/bid/18418
http://www.vupen.com/english/advisories/2006/2244
https://exchange.xforce.ibmcloud.com/vulnerabilities/27087
http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html
http://secunia.com/advisories/20554
Vendor Advisory
http://www.osvdb.org/26281
http://www.osvdb.org/26282
http://www.securityfocus.com/bid/18418
http://www.vupen.com/english/advisories/2006/2244
https://exchange.xforce.ibmcloud.com/vulnerabilities/27087

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:my_photo_scrapbook:my_photo_scrapbook:*:*:*:*:*:*:*:*

Версия до 1.0 (включая)

EPSS

Процентиль: 74%

0.00816

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m322-x4xg-4gvq

github

почти 4 года назад