7.5
CVE-2006-0184
- EPSS 1.43%
- Veröffentlicht 12.01.2006 06:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in AspTopSites allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to goto.asp or (2) password parameter to includeloginuser.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.43% | 0.696 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0351.html
http://secunia.com/advisories/18408
http://www.exploitlabs.com/files/advisories/EXPL-A-2006-001-asptopsites.txt
http://www.osvdb.org/22330
http://www.vupen.com/english/advisories/2006/0146
https://exchange.xforce.ibmcloud.com/vulnerabilities/24072