Lucene search

[email protected]NVD:CVE-2006-2179

HistoryMay 04, 2006 - 12:38 p.m.

CVE-2006-2179

2006-05-0412:38:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.005

Percentile

75.8%

JSON

Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.

Affected configurations

Nvd

Node

smartwin_technologycyberoffice_warehouse_builder

VendorProductVersionCPE
smartwin_technologycyberoffice_warehouse_builder*cpe:2.3:a:smartwin_technology:cyberoffice_warehouse_builder:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
smartwin_technology	cyberoffice_warehouse_builder	*	cpe:2.3:a:smartwin_technology:cyberoffice_warehouse_builder::::::::

References

pridels0.blogspot.com/2006/05/cyberbuild-vuln.html

secunia.com/advisories/19889

www.osvdb.org/25195

www.osvdb.org/25196

www.securityfocus.com/bid/17829

www.vupen.com/english/advisories/2006/1630

exchange.xforce.ibmcloud.com/vulnerabilities/26201

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.005

Percentile

75.8%

JSON

Related for NVD:CVE-2006-2179

cvelist1 prion1 exploitdb2 cve1