CVE-2006-3292

Опубликовано: 28 июн. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows remote attackers to execute arbitrary SQL commands via queries with the "LIKE" keyword in the searchdata parameter (search field).

Ссылки

http://retrogod.altervista.org/JAWS_062_sql.html
Exploit
http://secunia.com/advisories/20842
Vendor Advisory
http://securityreason.com/securityalert/1165
http://www.jaws-project.com/index.php?blog/show/29
Patch
http://www.securityfocus.com/archive/1/438434/100/0/threaded
http://www.securityfocus.com/bid/18665
Exploit
http://www.vupen.com/english/advisories/2006/2546
https://exchange.xforce.ibmcloud.com/vulnerabilities/27334
http://retrogod.altervista.org/JAWS_062_sql.html
Exploit
http://secunia.com/advisories/20842
Vendor Advisory
http://securityreason.com/securityalert/1165
http://www.jaws-project.com/index.php?blog/show/29
Patch
http://www.securityfocus.com/archive/1/438434/100/0/threaded
http://www.securityfocus.com/bid/18665
Exploit
http://www.vupen.com/english/advisories/2006/2546
https://exchange.xforce.ibmcloud.com/vulnerabilities/27334

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jaws:jaws:0.6.2:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01278

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rm8c-wq9m-jwx5

github

почти 4 года назад