6.4
CVE-2006-2763
- EPSS 2.82%
- Veröffentlicht 02.06.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pre Projects ≫ Pre News Manager Version1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.82% | 0.847 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
http://secunia.com/advisories/20284
http://www.vupen.com/english/advisories/2006/1990
http://www.osvdb.org/26073
http://www.osvdb.org/26074
http://www.osvdb.org/26075
http://www.osvdb.org/26076
http://www.osvdb.org/26077
http://www.osvdb.org/26078
http://www.osvdb.org/26079
http://www.securityfocus.com/archive/1/493369/100/0/threaded
http://www.securityfocus.com/archive/1/497185/100/0/threaded
http://www.securityfocus.com/archive/1/497219/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/34035
https://exchange.xforce.ibmcloud.com/vulnerabilities/43070
https://www.exploit-db.com/exploits/5803