Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0602

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0602
Last Modified 08 Sep 2011 12:00:00
Published 08 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0602

Summary

Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to check.php or the id parameter to (2) admin/edit_smilie.php, (3) admin/add_theme.php, (4) admin/ban_ip.php, (5) admin/add_lang.php, or (6) admin/edit_filter.php.

Vulnerable Systems

Application

  • Hinton Design Phphg Guestbook 1.2


References

VUPEN - ADV-2006-0480

BID - 16541

BUGTRAQ - 20060211 [eVuln] phphg Guestbook Multiple Vulnerabilities

SECTRACK - 1015620

SECUNIA - 18758

MISC - http://evuln.com/vulns/58/summary.html


Last Updated: 27 May 2016 10:41:44