Lucene search

MitreCVE-2006-1006

HistoryMar 06, 2006 - 8:06 p.m.

CVE-2006-1006

2006-03-0620:06:00

CWE-89

mitre

web.nvd.nist.gov

cve

2006

1006

sql injection

sendcard.php

remote attackers

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

Low

EPSS

0.004

Percentile

72.1%

JSON

Multiple SQL injection vulnerabilities in sendcard.php in sendcard before 3.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters.

Affected configurations

Nvd

Node

sendcardsendcardRange≤3.2.3

sendcardsendcardMatch1.00

sendcardsendcardMatch1.01

sendcardsendcardMatch1.02

sendcardsendcardMatch1.10

sendcardsendcardMatch1.20

sendcardsendcardMatch2.00

sendcardsendcardMatch2.01

sendcardsendcardMatch3.0.0

sendcardsendcardMatch3.0.1

sendcardsendcardMatch3.0.2

sendcardsendcardMatch3.0.3

sendcardsendcardMatch3.0.4

sendcardsendcardMatch3.0.5

sendcardsendcardMatch3.0.5pl1

sendcardsendcardMatch3.0.5pl2

sendcardsendcardMatch3.1.0

sendcardsendcardMatch3.1.1

sendcardsendcardMatch3.1.2

sendcardsendcardMatch3.2

sendcardsendcardMatch3.2.0rc1

sendcardsendcardMatch3.2.0rc2

sendcardsendcardMatch3.2.0rc3

sendcardsendcardMatch3.2.1

sendcardsendcardMatch3.2.2

VendorProductVersionCPE
sendcardsendcard*cpe:2.3:a:sendcard:sendcard:*:*:*:*:*:*:*:*
sendcardsendcard1.00cpe:2.3:a:sendcard:sendcard:1.00:*:*:*:*:*:*:*
sendcardsendcard1.01cpe:2.3:a:sendcard:sendcard:1.01:*:*:*:*:*:*:*
sendcardsendcard1.02cpe:2.3:a:sendcard:sendcard:1.02:*:*:*:*:*:*:*
sendcardsendcard1.10cpe:2.3:a:sendcard:sendcard:1.10:*:*:*:*:*:*:*
sendcardsendcard1.20cpe:2.3:a:sendcard:sendcard:1.20:*:*:*:*:*:*:*
sendcardsendcard2.00cpe:2.3:a:sendcard:sendcard:2.00:*:*:*:*:*:*:*
sendcardsendcard2.01cpe:2.3:a:sendcard:sendcard:2.01:*:*:*:*:*:*:*
sendcardsendcard3.0.0cpe:2.3:a:sendcard:sendcard:3.0.0:*:*:*:*:*:*:*
sendcardsendcard3.0.1cpe:2.3:a:sendcard:sendcard:3.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sendcard	sendcard	*	cpe:2.3:a:sendcard:sendcard::::::::
sendcard	sendcard	1.00	cpe:2.3:a:sendcard:sendcard:1.00:::::::*
sendcard	sendcard	1.01	cpe:2.3:a:sendcard:sendcard:1.01:::::::*
sendcard	sendcard	1.02	cpe:2.3:a:sendcard:sendcard:1.02:::::::*
sendcard	sendcard	1.10	cpe:2.3:a:sendcard:sendcard:1.10:::::::*
sendcard	sendcard	1.20	cpe:2.3:a:sendcard:sendcard:1.20:::::::*
sendcard	sendcard	2.00	cpe:2.3:a:sendcard:sendcard:2.00:::::::*
sendcard	sendcard	2.01	cpe:2.3:a:sendcard:sendcard:2.01:::::::*
sendcard	sendcard	3.0.0	cpe:2.3:a:sendcard:sendcard:3.0.0:::::::*
sendcard	sendcard	3.0.1	cpe:2.3:a:sendcard:sendcard:3.0.1:::::::*

Rows per page:

1-10 of 251

References

secunia.com/advisories/19056

sourceforge.net/forum/forum.php?forum_id=544749

www.securityfocus.com/bid/16900

www.vupen.com/english/advisories/2006/0778

exchange.xforce.ibmcloud.com/vulnerabilities/24978

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

Low

EPSS

0.004

Percentile

72.1%

JSON

Related for CVE-2006-1006