CVE-2006-6132

Опубликовано: 28 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp.

Ссылки

http://s-a-p.ca/index.php?page=OurAdvisories&id=53
Exploit
Vendor Advisory
URL Repurposed
http://secunia.com/advisories/23068
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1920
http://www.securityfocus.com/archive/1/452256/100/0/threaded
http://www.securityfocus.com/bid/21239
Exploit
http://www.vupen.com/english/advisories/2006/4656
https://exchange.xforce.ibmcloud.com/vulnerabilities/30460
http://s-a-p.ca/index.php?page=OurAdvisories&id=53
Exploit
Vendor Advisory
URL Repurposed
http://secunia.com/advisories/23068
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1920
http://www.securityfocus.com/archive/1/452256/100/0/threaded
http://www.securityfocus.com/bid/21239
Exploit
http://www.vupen.com/english/advisories/2006/4656
https://exchange.xforce.ibmcloud.com/vulnerabilities/30460

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softacid:link_exchange_lite:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01042

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gr2x-2r2m-f28m

github

почти 4 года назад