CVE-2006-3926

Опубликовано: 31 июл. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html
Exploit
http://secunia.com/advisories/21201
Vendor Advisory
http://securityreason.com/securityalert/1298
http://securitytracker.com/id?1016595
Exploit
http://www.osvdb.org/27545
http://www.osvdb.org/27546
http://www.securityfocus.com/bid/19158
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/28032
http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html
Exploit
http://secunia.com/advisories/21201
Vendor Advisory
http://securityreason.com/securityalert/1298
http://securitytracker.com/id?1016595
Exploit
http://www.osvdb.org/27545
http://www.osvdb.org/27546
http://www.securityfocus.com/bid/19158
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/28032

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:php_pro_bid:php_pro_bid:5.24:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01321

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cpgr-qc8h-2jj6

github

почти 4 года назад