Lucene search

[email protected]CVE-2006-1423

HistoryMar 28, 2006 - 8:02 p.m.

CVE-2006-1423

2006-03-2820:02:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2006-1423

sql injection

ubb.threads

showflat.php

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.8%

JSON

SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter.

Affected configurations

NVD

Node

ubbcentralubb.threadsMatch5.5.1

ubbcentralubb.threadsMatch6.0br5

ubbcentralubb.threadsMatch6.0.1

ubbcentralubb.threadsMatch6.0.2

CPENameOperatorVersion
ubbcentral:ubb.threadsubbcentral ubb.threadseq5.5.1
ubbcentral:ubb.threadsubbcentral ubb.threadseq6.0
ubbcentral:ubb.threadsubbcentral ubb.threadseq6.0.1
ubbcentral:ubb.threadsubbcentral ubb.threadseq6.0.2

CPE	Name	Operator	Version
ubbcentral:ubb.threads	ubbcentral ubb.threads	eq	5.5.1
ubbcentral:ubb.threads	ubbcentral ubb.threads	eq	6.0
ubbcentral:ubb.threads	ubbcentral ubb.threads	eq	6.0.1
ubbcentral:ubb.threads	ubbcentral ubb.threads	eq	6.0.2

References

securityreason.com/securityalert/628

www.securityfocus.com/archive/1/428833/100/0/threaded

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.8%

JSON

Related for CVE-2006-1423

prion1 nvd1 cvelist1