Lucene search

[email protected]CVE-2006-5881

HistoryNov 14, 2006 - 7:07 p.m.

CVE-2006-5881

2006-11-1419:07:00

[email protected]

web.nvd.nist.gov

cve

2006

5881

sql injection

dynamic dataworx nucommunity 1.0

remote attackers

arbitrary sql commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.053 Low

EPSS

Percentile

93.1%

JSON

SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx NuCommunity 1.0 allows remote attackers to execute arbitrary SQL commands via the cl_cat_ID parameter.

Affected configurations

NVD

Node

dynamic_dataworxnucommunityMatch1.0

CPENameOperatorVersion
dynamic_dataworx:nucommunitydynamic dataworx nucommunityeq1.0

CPE	Name	Operator	Version
dynamic_dataworx:nucommunity	dynamic dataworx nucommunity	eq	1.0

References

secunia.com/advisories/22827

securityreason.com/securityalert/1853

securitytracker.com/id?1017214

www.securityfocus.com/archive/1/451326/100/0/threaded

www.securityfocus.com/bid/21015

www.vupen.com/english/advisories/2006/4466

exchange.xforce.ibmcloud.com/vulnerabilities/30193

www.exploit-db.com/exploits/2754

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.053 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2006-5881

nvd1 cvelist1