Lucene search

[email protected]NVD:CVE-2006-1000

HistoryMar 06, 2006 - 8:06 p.m.

CVE-2006-1000

2006-03-0620:06:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON

Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.

Affected configurations

Nvd

Node

g2softpentacle_in-out_boardMatch6.03

VendorProductVersionCPE
g2softpentacle_in-out_board6.03cpe:2.3:a:g2soft:pentacle_in-out_board:6.03:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
g2soft	pentacle_in-out_board	6.03	cpe:2.3:a:g2soft:pentacle_in-out_board:6.03:::::::*

References

lists.grok.org.uk/pipermail/full-disclosure/2006-February/042524.html

lists.grok.org.uk/pipermail/full-disclosure/2006-February/042525.html

secunia.com/advisories/19024

securitytracker.com/id?1015682

www.nukedx.com/?viewdoc=13

www.nukedx.com/?viewdoc=14

www.securityfocus.com/archive/1/426074/100/0/threaded

www.securityfocus.com/archive/1/426075/100/0/threaded

www.securityfocus.com/bid/16818

www.vupen.com/english/advisories/2006/0749

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON

Related for NVD:CVE-2006-1000

cve1 prion1 exploitdb1 cvelist1