CVE-2006-6021

Опубликовано: 21 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the login component in BestWebApp Dating Site allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.

Ссылки

http://secunia.com/advisories/23017
Vendor Advisory
http://securityreason.com/securityalert/1898
http://www.securityfocus.com/archive/1/451963/100/0/threaded
http://www.securityfocus.com/archive/1/488647/100/100/threaded
http://www.securityfocus.com/bid/21158
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30394
http://secunia.com/advisories/23017
Vendor Advisory
http://securityreason.com/securityalert/1898
http://www.securityfocus.com/archive/1/451963/100/0/threaded
http://www.securityfocus.com/archive/1/488647/100/100/threaded
http://www.securityfocus.com/bid/21158
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30394

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bestwebapp:bestwebapp_dating_site:*:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01951

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-fwxm-3269-x8gj

github

почти 4 года назад