6.4
CVE-2006-2139
- EPSS 1.64%
- Veröffentlicht 02.05.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:24:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to (c) delete.php, or (8) tablename parameter to (d) searchnews.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Wilsonncareabusinesses ≫ Php Newsfeed Version2004-07-23
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.64% | 0.733 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
http://evuln.com/vulns/129/summary.html
http://secunia.com/advisories/19904
http://www.osvdb.org/25132
http://www.osvdb.org/25133
http://www.osvdb.org/25134
http://www.osvdb.org/25135
http://www.securityfocus.com/bid/17757
http://www.vupen.com/english/advisories/2006/1574
https://exchange.xforce.ibmcloud.com/vulnerabilities/26205