6.5
CVE-2006-0581
- EPSS 1.78%
- Veröffentlicht 08.02.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hosting Controller ≫ Hosting Controller Version6.1_hotfix_2.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.78% | 0.754 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://secunia.com/advisories/18731
http://securitytracker.com/id?1015584
http://www.osvdb.org/22982
http://www.osvdb.org/22983
http://www.vupen.com/english/advisories/2006/0460
https://exchange.xforce.ibmcloud.com/vulnerabilities/24537