CVE-2006-5450

Опубликовано: 23 окт. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters.

Ссылки

http://secunia.com/advisories/22493
Vendor Advisory
http://securityreason.com/securityalert/1757
http://www.osvdb.org/29901
http://www.securityfocus.com/archive/1/449227/100/0/threaded
http://www.securityfocus.com/bid/20607
Exploit
http://www.vupen.com/english/advisories/2006/4130
https://exchange.xforce.ibmcloud.com/vulnerabilities/29683
http://secunia.com/advisories/22493
Vendor Advisory
http://securityreason.com/securityalert/1757
http://www.osvdb.org/29901
http://www.securityfocus.com/archive/1/449227/100/0/threaded
http://www.securityfocus.com/bid/20607
Exploit
http://www.vupen.com/english/advisories/2006/4130
https://exchange.xforce.ibmcloud.com/vulnerabilities/29683

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kinesis:kinesis_interactive_cinema_system:*:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.0085

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9fx7-v7hg-wpqc

github

почти 4 года назад