Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1572

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1572
Last Modified 07 Mar 2011 09:33:19
Published 31 Mar 2006 07:04:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1572

Summary

SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action.

Vulnerable Systems

Application

  • O2php.com Oxygen 1.0.11

  • O2php.com Oxygen 1.1

  • O2php.com Oxygen 1.1.1

  • O2php.com Oxygen 1.1.2

  • O2php.com Oxygen 1.1.3


References

VUPEN - ADV-2006-1181

BID - 17324

BUGTRAQ - 20060330 Oxygen<=1.x.x SQL injection

SECUNIA - 19481

XF - oxygen-post-sql-injection(25570)

OSVDB - 24287

SREASON - 658


Last Updated: 27 May 2016 10:42:06