ID CVE-2006-3770
Summary Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) i_cat or (2) method parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:phpfaber:topsites:*:*:*:*:*:*:*:*
    cpe:2.3:a:phpfaber:topsites:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 17-10-2018 - 21:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 19097
bugtraq 20060720 [MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability
misc http://www.majorsecurity.de/advisory/major_rls21.txt
osvdb 27415
sectrack 1016552
secunia 21141
sreason 1266
vupen ADV-2006-2913
xf phpfabertopsites-index-sql-injection(27879)
Last major update 17-10-2018 - 21:30
Published 24-07-2006 - 12:19
Last modified 17-10-2018 - 21:30
Back to Top