Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1109

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1109
Last Modified 07 Mar 2011 09:32:02
Published 09 Mar 2006 08:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1109

Summary

SQL injection vulnerability in index.asp in Total Ecommerce 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it is not clear whether this report is associated with a specific product. If not, then it should not be included in CVE.

Vulnerable Systems

Application

  • Totalecommerce 1.0


References

XF - totalecommerce-index-sql-injection(25045)

VUPEN - ADV-2006-0840

BID - 16960

BUGTRAQ - 20060304 Advisory: TotalECommerce (index.asp id) Remote SQL InjectionVulnerability.

MISC - http://www.nukedx.com/?viewdoc=18

SECUNIA - 19103

SREASON - 530


Last Updated: 27 May 2016 10:41:56