Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0626

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0626
Last Modified 07 Mar 2011 09:30:28
Published 09 Feb 2006 01:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0626

Summary

SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter.

Vulnerable Systems

Application

  • Spip 1.8.2g


References

VUPEN - ADV-2006-0483

BID - 16551

MISC - http://retrogod.altervista.org/spip_182g_shell_inj_xpl.html

XF - spip-access-doc-sql-injection(24599)

OSVDB - 23087

SECTRACK - 1015602

SECUNIA - 18676


Last Updated: 27 May 2016 10:41:44