Lucene search

[email protected]CVE-2006-5514

HistoryOct 26, 2006 - 4:07 p.m.

CVE-2006-5514

2006-10-2616:07:00

[email protected]

web.nvd.nist.gov

sql injection

wgcc

web group communication center

cve-2006-5514

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

SQL injection vulnerability in quiz.php in Web Group Communication Center (WGCC) 0.5.6b and earlier allows remote attackers to execute arbitrary SQL commands via the qzid parameter.

Affected configurations

NVD

Node

web_group_communication_centerweb_group_communication_centerRange≤0.5.6b

CPENameOperatorVersion
web_group_communication_center:web_group_communication_centerweb group communication centerle0.5.6b

CPE	Name	Operator	Version
web_group_communication_center:web_group_communication_center	web group communication center	le	0.5.6b

References

www.securityfocus.com/bid/20653

exchange.xforce.ibmcloud.com/vulnerabilities/29712

www.exploit-db.com/exploits/2604

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

Related for CVE-2006-5514

nvd1 cvelist1