CVE-2006-0490

Sažetak

SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field.

Reference

http://marc.info/?l=bugtraq&m=113837847503661&w=2
http://secunia.com/advisories/18636
http://securityreason.com/securityalert/381
http://securitytracker.com/id?1015548
http://www.osvdb.org/22790
http://www.securityfocus.com/bid/16404
http://www.vupen.com/english/advisories/2006/0372
https://exchange.xforce.ibmcloud.com/vulnerabilities/24359

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:29

Objavljeno

01-02-2006 - 02:02