7.5
CVE-2006-6039
- EPSS 1.3%
- Veröffentlicht 22.11.2006 00:07:00
- Zuletzt bearbeitet 16.06.2026 22:32:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Powie ≫ Php Matchmaker Version <= 4.06
Powie ≫ Php Matchmaker Version4.05
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.3% | 0.667 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/22966
http://www.securityfocus.com/bid/21145
http://www.vupen.com/english/advisories/2006/4611
https://exchange.xforce.ibmcloud.com/vulnerabilities/30360
https://www.exploit-db.com/exploits/2798