Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2209

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2209
Last Modified 07 Mar 2011 09:35:32
Published 05 May 2006 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2209

Summary

Multiple SQL injection vulnerabilities in index.php in PHP Arena paCheckBook 1.1 allow remote attackers to execute arbitrary SQL commands via (1) the transtype parameter in an add action or (2) entry parameter in an edit action. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Systems

Application

  • Php Arena Pacheckbook 1.1


References

VUPEN - ADV-2006-1691

BID - 17821

MISC - http://downloads.securityfocus.com/vulnerabilities/exploits/pacheckbook-1.1-mutlsql.txt

XF - pacheckbook-index-sql-injection(26356)

OSVDB - 25349

SECUNIA - 20008


Last Updated: 27 May 2016 10:42:22