Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0939

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0939
Last Modified 05 Sep 2008 05:00:37
Published 28 Feb 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0939

Summary

SQL injection vulnerability in DCI-Taskeen 1.03 allows remote attackers to execute arbitrary SQL commands via the (1) id or (2) action parameter to (a) basket.php, or (3) id or (4) page parameter to (b) cat.php.

Vulnerable Systems

Application

  • Dci-designs Dci-taskeen 1.03


References

BID - 16828

BUGTRAQ - 20060225 SQL Injection in DCI-Taskeen

SECTRACK - 1015685

XF - dci-taskeen-multiple-scripts-sql-injection(24963)

SREASON - 495


Last Updated: 27 May 2016 10:41:52