Lucene search
HistoryJun 01, 2006 - 10:02 a.m.
CVE-2006-2742
cve-2006-2742
sql injection
drupal
vulnerability
remote execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.3%
SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and © database.mysqli.inc.
Affected configurations
Node
drupaldrupalMatch4.6
ORdrupaldrupalMatch4.6.0
ORdrupaldrupalMatch4.6.1
ORdrupaldrupalMatch4.6.2
ORdrupaldrupalMatch4.6.3
ORdrupaldrupalMatch4.6.4
ORdrupaldrupalMatch4.6.5
ORdrupaldrupalMatch4.6.6
ORdrupaldrupalMatch4.7.0
References
Related
prion
prion
Sql injection
2006-06-01 10:02:00
cvelist
cvelist
CVE-2006-2742
2006-06-01 10:00:00
nvd
nvd
CVE-2006-2742
2006-06-01 10:02:00
ubuntucve
ubuntucve
CVE-2006-2742
2006-06-01 00:00:00
nessus
nessus
FreeBSD : drupal -- multiple vulnerabilities (40a0185f-ec32-11da-be02-000c6ec775d9)
2006-06-06 00:00:00
Debian DSA-1125-2 : drupal - several vulnerabilities
2006-10-14 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2006-05-18 00:00:00
openvas
openvas
FreeBSD Ports: drupal
2008-09-04 00:00:00
FreeBSD Ports: drupal
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1125)
2008-01-17 00:00:00
osv
osv
drupal - several
2006-07-27 00:00:00
debian
debian
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.3%
Related for CVE-2006-2742