7.5
CVE-2006-0669
- EPSS 1.14%
- Veröffentlicht 13.02.2006 22:02:00
- Zuletzt bearbeitet 16.06.2026 22:21:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter. NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL database. SecurityTracker's research indicates that the original problem could be due to a vbscript parsing error based on invalid arguments
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.14% | 0.623 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://securitytracker.com/id?1015600
http://www.attrition.org/pipermail/vim/2006-February/000561.html
http://www.osvdb.org/23509
http://www.securityfocus.com/bid/16563
https://exchange.xforce.ibmcloud.com/vulnerabilities/24616