Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2126

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2126
Last Modified 07 Mar 2011 09:35:24
Published 01 May 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2126

Summary

SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters.

Vulnerable Systems

Application

  • Avalon Ltd Maxtrade 1.0.1


References

VUPEN - ADV-2006-1581

SECUNIA - 19876

XF - maxtrade-pocategories-sql-injection(26171)

BID - 17765

OSVDB - 25122

MISC - http://pridels0.blogspot.com/2006/04/maxtrade-sql-inj.html


Last Updated: 27 May 2016 10:42:20