CVE-2006-5736

Опубликовано: 06 нояб. 2006

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:punbb:punbb:*:*:*:*:*:*:*:*

Версия до 1.2.13 (включая)

cpe:2.3:a:punbb:punbb:1.0:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_alpha:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_beta1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_beta1a:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_beta2:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_beta3:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_rc1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.0_rc2:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.7:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.8:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.9:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.10:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.11:*:*:*:*:*:*:*

cpe:2.3:a:punbb:punbb:1.2.12:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01042

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-48qc-mphm-xc27

github

почти 4 года назад