Lucene search
MitreCVE-2006-6861HistoryJan 04, 2007 - 10:00 p.m.
CVE-2006-6861
2007-01-0422:00:00
mitre
web.nvd.nist.gov
23
cve-2006-6861
sql injection
outfront spooky login 2.7
remote attackers
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.9
Confidence
Low
EPSS
0.002
Percentile
61.5%
Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp.
Affected configurations
Node
outfrontspooky_loginMatch2.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| outfront | spooky_login | 2.7 | cpe:2.3:a:outfront:spooky_login:2.7:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-6861
2007-01-04 22:00:00
nvd
nvd
CVE-2006-6861
2006-12-31 05:00:00
exploitdb
exploitdb
Spooky 2.7 - 'login/register.asp' SQL Injection
2006-12-30 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.9
Confidence
Low
EPSS
0.002
Percentile
61.5%
Related for CVE-2006-6861