6.4

CVE-2006-2139

EPSS 0.85%
Published 02.05.2006 10:02:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to (c) delete.php, or (8) tablename parameter to (d) searchnews.php.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Wilsonncareabusinesses ≫ Php Newsfeed Version2004-07-23

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.85%	0.739

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://evuln.com/vulns/129/summary.html

http://secunia.com/advisories/19904

Vendor Advisory

http://www.osvdb.org/25132

http://www.osvdb.org/25133

http://www.osvdb.org/25134

http://www.osvdb.org/25135

http://www.securityfocus.com/bid/17757

http://www.vupen.com/english/advisories/2006/1574

https://exchange.xforce.ibmcloud.com/vulnerabilities/26205

https://nvd.nist.gov/vuln/detail/CVE-2006-2139

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2139

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2139

EUVD