Lucene search

[email protected]NVD:CVE-2006-1708

HistoryApr 11, 2006 - 10:02 a.m.

CVE-2006-1708

2006-04-1110:02:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.009

Percentile

82.6%

JSON

SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.

Affected configurations

Nvd

Node

clansysclansysMatch1.1

VendorProductVersionCPE
clansysclansys1.1cpe:2.3:a:clansys:clansys:1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
clansys	clansys	1.1	cpe:2.3:a:clansys:clansys:1.1:::::::*

References

secunia.com/advisories/19609

securitytracker.com/id?1015935

www.securityfocus.com/bid/17456

www.vupen.com/english/advisories/2006/1295

exchange.xforce.ibmcloud.com/vulnerabilities/25746

www.exploit-db.com/exploits/1662

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.009

Percentile

82.6%

JSON

Related for NVD:CVE-2006-1708

cve1 exploitdb1 prion1 cvelist1