CVE-2006-7144

Опубликовано: 07 мар. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0217.html
Exploit
Vendor Advisory
http://secunia.com/advisories/22365
Vendor Advisory
http://securityreason.com/securityalert/2389
http://www.mayhemiclabs.com/advisories/MHL-2006-002.txt
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/448423/100/0/threaded
http://www.securityfocus.com/bid/20474
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0217.html
Exploit
Vendor Advisory
http://secunia.com/advisories/22365
Vendor Advisory
http://securityreason.com/securityalert/2389
http://www.mayhemiclabs.com/advisories/MHL-2006-002.txt
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/448423/100/0/threaded
http://www.securityfocus.com/bid/20474
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:call-center-software:call-center-software:*:*:*:*:*:*:*:*

Версия до 0.93 (включая)

EPSS

Процентиль: 79%

0.01289

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hh6m-jqx8-5f79

github

почти 4 года назад