CVE-2006-3267

Опубликовано: 27 июн. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in index.php in Infinite Core Technologies (ICT) 1.0 Gold and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter.

Ссылки

http://pridels0.blogspot.com/2006/06/ict-infinite-core-technologies-vuln.html
http://secunia.com/advisories/20806
Vendor Advisory
http://www.securityfocus.com/bid/18644
http://www.vupen.com/english/advisories/2006/2517
https://exchange.xforce.ibmcloud.com/vulnerabilities/27360
http://pridels0.blogspot.com/2006/06/ict-infinite-core-technologies-vuln.html
http://secunia.com/advisories/20806
Vendor Advisory
http://www.securityfocus.com/bid/18644
http://www.vupen.com/english/advisories/2006/2517
https://exchange.xforce.ibmcloud.com/vulnerabilities/27360

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:infinite_core_technologies:ict:*:*:*:*:*:*:*:*

Версия до 1.0_gold (включая)

EPSS

Процентиль: 70%

0.00619

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hchp-79vp-qc9m

github

почти 4 года назад