CVE-2006-6218

Опубликовано: 01 дек. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow remote attackers to execute arbitrary SQL commands via the (1) seite_id, (2) gruppe_id.php, and (3) go_target parameters.

Ссылки

http://www.majorsecurity.de/index_2.php?major_rls=major_rls36
Exploit
http://www.securityfocus.com/archive/1/452008/100/200/threaded
http://www.securityfocus.com/bid/21170
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30395
http://www.majorsecurity.de/index_2.php?major_rls=major_rls36
Exploit
http://www.securityfocus.com/archive/1/452008/100/200/threaded
http://www.securityfocus.com/bid/21170
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30395

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dev4u:dev4u_cms:*:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00492

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-274q-hq95-j7h8

github

больше 3 лет назад