7.5
CVE-2006-4957
- EPSS 1.09%
- Veröffentlicht 23.09.2006 10:07:00
- Zuletzt bearbeitet 16.06.2026 22:30:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
The Myreview System ≫ Myreview Version1.9.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.09% | 0.609 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/21991
http://www.securityfocus.com/bid/20105
http://www.vupen.com/english/advisories/2006/3716
https://exchange.xforce.ibmcloud.com/vulnerabilities/29029
https://www.exploit-db.com/exploits/2397