Lucene search
MitreCVE-2006-5945HistoryNov 17, 2006 - 12:07 a.m.
CVE-2006-5945
2006-11-1700:07:00
mitre
web.nvd.nist.gov
27
cve-2006-5945
sql injection
mginternet car site manager
csm
remote attackers
arbitrary commands
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.007
Percentile
79.7%
Multiple SQL injection vulnerabilities in MGinternet Car Site Manager (CSM) allow remote attackers to execute arbitrary SQL commands via the (1) p parameter to (a) csm/asp/detail.asp, or the (2) l, (3) typ, or (4) loc parameter to (b) csm/asp/listings.asp.
Affected configurations
Node
mginternetcar_site_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mginternet | car_site_manager | * | cpe:2.3:a:mginternet:car_site_manager:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Car Site Manager - '/csm/asp/detail.asp?p' SQL Injection
2006-11-14 00:00:00
Car Site Manager - '/csm/asp/listings.asp' Multiple SQL Injections
2006-11-14 00:00:00
nvd
nvd
CVE-2006-5945
2006-11-17 00:07:00
cvelist
cvelist
CVE-2006-5945
2006-11-17 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.007
Percentile
79.7%
Related for CVE-2006-5945