6.4
CVE-2006-2126
- EPSS 1.21%
- Veröffentlicht 01.05.2006 22:06:00
- Zuletzt bearbeitet 16.06.2026 22:24:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Avalon Ltd ≫ Maxtrade Version1.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.21% | 0.644 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
http://pridels0.blogspot.com/2006/04/maxtrade-sql-inj.html
http://secunia.com/advisories/19876
http://www.osvdb.org/25122
http://www.securityfocus.com/bid/17765
http://www.vupen.com/english/advisories/2006/1581
https://exchange.xforce.ibmcloud.com/vulnerabilities/26171