7.5
CVE-2006-1347
- EPSS 2.63%
- Veröffentlicht 22.03.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:22:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Greg Neustaetter ≫ Gcards Version <= 1.45
Greg Neustaetter ≫ Gcards Version1.43
Greg Neustaetter ≫ Gcards Version1.44
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.63% | 0.835 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://attrition.org/pipermail/vim/2006-April/000698.html
http://secunia.com/advisories/19322
http://www.securityfocus.com/bid/17165
http://www.vupen.com/english/advisories/2006/1015
https://www.exploit-db.com/exploits/1595
http://www.osvdb.org/24017
https://exchange.xforce.ibmcloud.com/vulnerabilities/25344