1. CVE-Search
  2. CVE-2006-7034
ID CVE-2006-7034
Summary SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
    cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
    cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
    cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
  • cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
    cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
  • cpe:2.3:a:super_link_exchange_script:super_link_exchange_script:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:super_link_exchange_script:super_link_exchange_script:1.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 16-10-2018 - 16:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20060525 Super Link Exchange Script v1.0
sreason 2285
xf superlinkexchange-directory-sql-injection(26720)
Last major update 16-10-2018 - 16:29
Published 23-02-2007 - 03:28
Last modified 16-10-2018 - 16:29
Back to Top