CVE-2006-7092

Опубликовано: 02 мар. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.

Ссылки

http://mamboxchange.com/forum/forum.php?forum_id=7767
Patch
URL Repurposed
http://secunia.com/advisories/22263
Patch
Vendor Advisory
http://www.securityfocus.com/bid/20413
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3953
http://mamboxchange.com/forum/forum.php?forum_id=7767
Patch
URL Repurposed
http://secunia.com/advisories/22263
Patch
Vendor Advisory
http://www.securityfocus.com/bid/20413
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3953

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mamboxchange:laithai:*:sp2:*:*:*:*:*:*

Версия до 4.5.4 (включая)

EPSS

Процентиль: 65%

0.00484

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9pfq-prhj-q3h7

github

почти 4 года назад