Lucene search
MitreCVE-2006-6072HistoryNov 24, 2006 - 5:07 p.m.
CVE-2006-6072
2006-11-2417:07:00
mitre
web.nvd.nist.gov
23
cve-2006-6072
sql injection
bpg
publications_list.asp
bpg-infotech easy publisher
smart publisher//pro 2.7.7
remote attack
sql commands
vjob parameter
nvd
information security
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.003
Percentile
70.8%
SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Affected configurations
Node
bpg-infotecheasy_publisherMatch2.7.7
ORbpg-infotechsmart_publisher_proMatch2.7.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bpg-infotech | easy_publisher | 2.7.7 | cpe:2.3:a:bpg-infotech:easy_publisher:2.7.7:*:*:*:*:*:*:* |
| bpg-infotech | smart_publisher_pro | 2.7.7 | cpe:2.3:a:bpg-infotech:smart_publisher_pro:2.7.7:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.003
Percentile
70.8%
Related for CVE-2006-6072