Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0919

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0919
Last Modified 07 Mar 2011 09:31:06
Published 28 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0919

Summary

SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Vulnerable Systems

Application

  • Oi Email Marketing System 3.0


References

VUPEN - ADV-2006-0718

BUGTRAQ - 20060223 HYSA-2006-003 Oi! Email Marketing 3.0 SQL Injection

MISC - http://www.h4cky0u.org/advisories/HYSA-2006-003-oi-email.txt

OSVDB - 23462

SECUNIA - 18993


Last Updated: 27 May 2016 10:41:50