CVE-2006-6080

Опубликовано: 24 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in categories.asp in gNews Publisher allow remote attackers to execute arbitrary SQL commands via the (1) catID or (2) editorID parameter.

Ссылки

http://securityreason.com/securityalert/1908
http://www.aria-security.com/forum/showthread.php?t=37
Exploit
http://www.securityfocus.com/archive/1/452116/100/0/threaded
http://www.securityfocus.com/bid/21194
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30422
http://securityreason.com/securityalert/1908
http://www.aria-security.com/forum/showthread.php?t=37
Exploit
http://www.securityfocus.com/archive/1/452116/100/0/threaded
http://www.securityfocus.com/bid/21194
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30422

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gazatem_technologies:gnews_publisher:*:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01417

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9hm9-2pg7-5q69

github

почти 4 года назад