Lucene search

MitreCVE-2006-5638

HistoryNov 01, 2006 - 12:07 a.m.

CVE-2006-5638

2006-11-0100:07:00

mitre

web.nvd.nist.gov

cve

sql injection

phpmyring

security vulnerability

remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.005

Percentile

76.5%

JSON

Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing 4.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) limite and (2) mots parameters.

Affected configurations

Nvd

Node

phpmyringphpmyringRange≤4.2.1

phpmyringphpmyringMatch4.2

VendorProductVersionCPE
phpmyringphpmyring*cpe:2.3:a:phpmyring:phpmyring:*:*:*:*:*:*:*:*
phpmyringphpmyring4.2cpe:2.3:a:phpmyring:phpmyring:4.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmyring	phpmyring	*	cpe:2.3:a:phpmyring:phpmyring::::::::
phpmyring	phpmyring	4.2	cpe:2.3:a:phpmyring:phpmyring:4.2:::::::*

References

secunia.com/advisories/22620

www.securityfocus.com/bid/20792

www.vupen.com/english/advisories/2006/4261

exchange.xforce.ibmcloud.com/vulnerabilities/29887

www.exploit-db.com/exploits/2679

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.005

Percentile

76.5%

JSON

Related for CVE-2006-5638