7.5
CVE-2006-1426
- EPSS 1.94%
- Veröffentlicht 28.03.2006 20:02:00
- Zuletzt bearbeitet 16.06.2026 22:22:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.94% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/19421
http://www.osvdb.org/24168
http://www.osvdb.org/24169
http://www.securityfocus.com/archive/1/428964/100/0/threaded
http://www.securityfocus.com/bid/17260
http://www.vupen.com/english/advisories/2006/1135
https://exchange.xforce.ibmcloud.com/vulnerabilities/25478
https://exchange.xforce.ibmcloud.com/vulnerabilities/25481