CVE-2006-1051

Sažetak

SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php.

Reference

http://secunia.com/advisories/19112
http://sourceforge.net/project/shownotes.php?release_id=398713&group_id=155783
http://www.securityfocus.com/bid/16989
http://www.vupen.com/english/advisories/2006/0841
https://exchange.xforce.ibmcloud.com/vulnerabilities/25115

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

07-03-2006 - 21:06