7.5
CVE-2006-5935
- EPSS 1.35%
- Veröffentlicht 16.11.2006 00:07:00
- Zuletzt bearbeitet 16.06.2026 22:32:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in index.php in ShopSystems 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the sessid parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Shopsystems ≫ Shopsystems Version4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.35% | 0.679 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/22867
http://securityreason.com/securityalert/1871
http://www.majorsecurity.de/index_2.php?major_rls=major_rls33
http://www.securityfocus.com/archive/1/451315
http://www.securityfocus.com/bid/21005
http://www.vupen.com/english/advisories/2006/4511
https://exchange.xforce.ibmcloud.com/vulnerabilities/30219