7.5
CVE-2006-0252
- EPSS 1.51%
- Veröffentlicht 18.01.2006 01:51:00
- Zuletzt bearbeitet 16.06.2026 22:20:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Benders Calendar ≫ Benders Calendar Version <= 1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.51% | 0.712 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://evuln.com/vulns/30/summary.html
http://secunia.com/advisories/18462
http://securitytracker.com/id?1015491
http://www.osvdb.org/22449
http://www.securityfocus.com/archive/1/422052/100/0/threaded
http://www.securityfocus.com/bid/16242
http://www.vupen.com/english/advisories/2006/0190
https://exchange.xforce.ibmcloud.com/vulnerabilities/24120