Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2067

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2067
Last Modified 05 Sep 2008 05:03:34
Published 27 Apr 2006 09:34:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2067

Summary

SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter.

Vulnerable Systems

Application

  • Mkportal 1.1


References

BUGTRAQ - 20060421 vBulletin <= 3.5.4 with MKPortal 1.1 Remote SQL Injection Vulnerability.

MISC - http://www.nukedx.com/?viewdoc=26

SECTRACK - 1015977

BID - 17651

SREASON - 801


Last Updated: 27 May 2016 10:42:19