7.5
CVE-2006-1852
- EPSS 1.11%
- Veröffentlicht 19.04.2006 16:06:00
- Zuletzt bearbeitet 16.06.2026 22:23:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Scriptsfrenzy ≫ Article Publisher Pro Version <= 1.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.11% | 0.616 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://pridels0.blogspot.com/2006/04/article-publisher-pro-sql-inj.html
http://www.osvdb.org/24730
https://exchange.xforce.ibmcloud.com/vulnerabilities/25898