Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1265

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1265
Last Modified 05 Sep 2008 05:01:27
Published 18 Mar 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1265

Summary

SQL injection vulnerability in discussion.class.php in xhawk.net discussion 2.0 beta2 allows remote attackers to execute arbitrary SQL commands via the view parameter.

Vulnerable Systems

Application

  • Xhawk.net Discussion 2.0 Beta2


References

BUGTRAQ - 20060315 [eVuln] discussion - xhawk.net BBCode 'img' XSS & SQL Injection Vulnerabilities

MISC - http://evuln.com/vulns/92/summary.html

XF - discussion-class-sql-injection(25237)

BID - 17121

OSVDB - 23971


Last Updated: 27 May 2016 10:42:00