7.5

CVE-2006-0721

Exploit
SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote attackers to execute arbitrary SQL commands via the to_userid parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RuncmsRuncms Version1.2
RuncmsRuncms Version1.3a
RuncmsRuncms Version1.3a2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.71% 0.743
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://hamid.ir/security/runcms.txt
Vendor Advisory
Exploit
http://secunia.com/advisories/18831
Patch
Vendor Advisory
http://securitytracker.com/id?1015626
http://www.runcms.org/public/modules/forum/viewtopic.php?topic_id=4003&forum=18
http://www.securityfocus.com/archive/1/425293/100/0/threaded
http://www.securityfocus.com/bid/16652
Exploit
http://www.vupen.com/english/advisories/2006/0572
https://exchange.xforce.ibmcloud.com/vulnerabilities/24676