Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1328

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1328
Last Modified 07 Mar 2011 09:32:49
Published 20 Mar 2006 08:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1328

Summary

SQL injection vulnerability in count.php in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) count_fieldname, (2) url_fieldname, or (3) url parameter.

Vulnerable Systems

Application

  • Skull-splitter Download Counter Wallpaper 1.0


References

VUPEN - ADV-2006-1004

SECUNIA - 19314

MISC - http://evuln.com/vulns/105/summary.html

XF - downloadcounter-count-sql-injection(25316)

BID - 17156

BUGTRAQ - 20060329 [eVuln] Skull-Splitter's PHP Downloadcounter for Wallpapers SQL Injection

OSVDB - 23972

SREASON - 649


Last Updated: 27 May 2016 10:42:02