CVE-2006-5797

Опубликовано: 08 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in default.asp in Xenis.creator CMS allow remote attackers to execute arbitrary SQL commands via the (1) nav, (2) s, or (3) print parameters.

Ссылки

http://marc.info/?l=bugtraq&m=116266150514762&w=2
http://marc.info/?l=bugtraq&m=116267021732120&w=2
http://secunia.com/advisories/22716
http://securitytracker.com/id?1017162
Vendor Advisory
http://www.majorsecurity.de/index_2.php?major_rls=major_rls31
http://www.securityfocus.com/bid/20908
http://www.vupen.com/english/advisories/2006/4470
https://exchange.xforce.ibmcloud.com/vulnerabilities/30017
http://marc.info/?l=bugtraq&m=116266150514762&w=2
http://marc.info/?l=bugtraq&m=116267021732120&w=2
http://secunia.com/advisories/22716
http://securitytracker.com/id?1017162
Vendor Advisory
http://www.majorsecurity.de/index_2.php?major_rls=major_rls31
http://www.securityfocus.com/bid/20908
http://www.vupen.com/english/advisories/2006/4470
https://exchange.xforce.ibmcloud.com/vulnerabilities/30017

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xenis:xenis.creator_cms:*:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00966

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h85h-x37c-qr2q

github

почти 4 года назад