6.4

CVE-2006-2763

EPSS 9.39%
Veröffentlicht 02.06.2006 01:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pre Projects ≫ Pre News Manager Version1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.39%	0.925

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/20284

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1990

http://www.osvdb.org/26073

http://www.osvdb.org/26074

http://www.osvdb.org/26075

http://www.osvdb.org/26076

http://www.osvdb.org/26077

http://www.osvdb.org/26078

http://www.osvdb.org/26079

http://www.securityfocus.com/archive/1/493369/100/0/threaded

http://www.securityfocus.com/archive/1/497185/100/0/threaded

http://www.securityfocus.com/archive/1/497219/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/34035

https://exchange.xforce.ibmcloud.com/vulnerabilities/43070

https://www.exploit-db.com/exploits/5803

https://nvd.nist.gov/vuln/detail/CVE-2006-2763

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2763

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2763

EUVD