Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0184

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0184
Last Modified 07 Mar 2011 09:29:32
Published 12 Jan 2006 01:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0184

Summary

Multiple SQL injection vulnerabilities in AspTopSites allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to goto.asp or (2) password parameter to includeloginuser.asp.

Vulnerable Systems

Application

  • Mainenet Enterprises Asptopsites


References

VUPEN - ADV-2006-0146

MISC - http://www.exploitlabs.com/files/advisories/EXPL-A-2006-001-asptopsites.txt

SECUNIA - 18408

XF - asptopsites-goto-sql-injection(24072)

OSVDB - 22330

FULLDISC - 20060110 AspTopSites SQL injection


Last Updated: 27 May 2016 10:41:34