Lucene search
MitreCVE-2006-6766HistoryDec 27, 2006 - 2:28 a.m.
CVE-2006-6766
2006-12-2702:28:00
mitre
web.nvd.nist.gov
19
cve
2006
6766
sql injection
cwmexplorer
remote attackers
arbitrary sql commands
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.002
Percentile
52.3%
Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: The provenance of this information is unknown; details are obtained solely from third party information.
Affected configurations
Node
cwm-designcwmexplorerRange≤1.1
ORcwm-designcwmexplorerMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cwm-design | cwmexplorer | * | cpe:2.3:a:cwm-design:cwmexplorer:*:*:*:*:*:*:*:* |
| cwm-design | cwmexplorer | 1.0 | cpe:2.3:a:cwm-design:cwmexplorer:1.0:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.002
Percentile
52.3%
Related for CVE-2006-6766