CVE-2006-6220

Sažetak

Multiple SQL injection vulnerabilities in Recipes Website (Recipes Complete Website) 1.1.14 allow remote attackers to execute arbitrary SQL commands via the (1) recipeid parameter to recipe.php or the (2) categoryid parameter to list.php.

Reference

http://secunia.com/advisories/23083
http://www.securityfocus.com/bid/21270
http://www.vupen.com/english/advisories/2006/4686
https://exchange.xforce.ibmcloud.com/vulnerabilities/30509
https://www.exploit-db.com/exploits/2834

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

19-10-2017 - 01:29

Objavljeno

01-12-2006 - 01:28