CVE-2006-1536

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 30/03/06 - Updated on 05/09/08

Description

Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact parameter in (b) contact_view.php.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2006-1536

Exploits

Exploit-DBEDB-27510, EDB-27511
SecurityFocusBID-17306

Relative technologies

VendorProduct
phoetux.netphxcontacts

Share this vulnerability with:

Twitter Facebook LinkedIn Mail