Lucene search
MitreCVE-2006-6095HistoryNov 24, 2006 - 6:07 p.m.
CVE-2006-6095
2006-11-2418:07:00
CWE-89
mitre
web.nvd.nist.gov
30
cve
2006
6095
sql injection
activenews manager
remote attackers
arbitrary sql commands
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.007
Percentile
80.4%
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments.asp vectors are already covered by CVE-2006-6094.
Affected configurations
Node
dotnetindexactive_news_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dotnetindex | active_news_manager | * | cpe:2.3:a:dotnetindex:active_news_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-6095
2006-11-24 18:00:00
CVE-2006-6094
2006-11-24 18:00:00
nvd
nvd
CVE-2006-6095
2006-11-24 18:07:00
CVE-2006-6094
2006-11-24 18:07:00
exploitdb
exploitdb
ActiveNews Manager - 'page' SQL Injection
2006-11-18 00:00:00
ActiveNews Manager - 'articleId' SQL Injection (1)
2006-11-18 00:00:00
ActiveNews Manager - 'articleId' SQL Injection (2)
2006-11-18 00:00:00
cve
cve
CVE-2006-6094
2006-11-24 18:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.007
Percentile
80.4%
Related for CVE-2006-6095