CVE-2006-3515

Опубликовано: 11 июл. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the loginADP function in ajaxp.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.

Ссылки

http://secunia.com/advisories/20985
http://securityreason.com/securityalert/1206
http://www.kapda.ir/advisory-355.html
Vendor Advisory
http://www.osvdb.org/27067
http://www.securityfocus.com/archive/1/439521/100/0/threaded
http://www.securityfocus.com/archive/1/439614/100/0/threaded
http://www.securityfocus.com/bid/18897
http://www.vupen.com/english/advisories/2006/2714
http://secunia.com/advisories/20985
http://securityreason.com/securityalert/1206
http://www.kapda.ir/advisory-355.html
Vendor Advisory
http://www.osvdb.org/27067
http://www.securityfocus.com/archive/1/439521/100/0/threaded
http://www.securityfocus.com/archive/1/439614/100/0/threaded
http://www.securityfocus.com/bid/18897
http://www.vupen.com/english/advisories/2006/2714

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:myiosoft.com:ajaxportal:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01447

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-ffg2-5rcp-wwwj

github

почти 4 года назад