CVE-2006-2179

Sažetak

Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.

Reference

http://pridels0.blogspot.com/2006/05/cyberbuild-vuln.html
http://secunia.com/advisories/19889
http://www.osvdb.org/25195
http://www.osvdb.org/25196
http://www.securityfocus.com/bid/17829
http://www.vupen.com/english/advisories/2006/1630
https://exchange.xforce.ibmcloud.com/vulnerabilities/26201

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

04-05-2006 - 12:38