CVE-2006-1585

Sažetak

Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php.

Reference

http://secunia.com/advisories/19503
http://securityreason.com/securityalert/660
http://www.bash-x.net/undef/adv/monalbum.html
http://www.securityfocus.com/archive/1/429475/100/0/threaded
http://www.securityfocus.com/bid/17327
http://www.vupen.com/english/advisories/2006/1206
https://exchange.xforce.ibmcloud.com/vulnerabilities/25572

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:33

Objavljeno

02-04-2006 - 21:04