7.5

CVE-2006-0669

Exploit

EPSS 0.64%
Veröffentlicht 13.02.2006 22:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter.  NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL database.  SecurityTracker's research indicates that the original problem could be due to a vbscript parsing error based on invalid arguments

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gasoft ≫ Gas Forum Light

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.64%	0.695

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://securitytracker.com/id?1015600

Exploit

http://www.attrition.org/pipermail/vim/2006-February/000561.html

http://www.osvdb.org/23509

http://www.securityfocus.com/bid/16563

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/24616

https://nvd.nist.gov/vuln/detail/CVE-2006-0669

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0669

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0669

EUVD