Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2508

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2508
Last Modified 07 Mar 2011 09:36:20
Published 22 May 2006 03:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2508

Summary

SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly involving an attack vector using advertise.php.

Vulnerable Systems

Application

  • Yourfreeworld Stylish Text Ads Script


References

XF - yourfreeworld-tr1-advertise-xss(26570)

XF - yourfreeworld-tr1-advertise-sql-injection(26569)

VUPEN - ADV-2006-1897

BID - 18044

BUGTRAQ - 20060519 Yourfreeworld Styleish Text Ads Script

OSVDB - 25692

OSVDB - 25691

SECUNIA - 20213

SREASON - 931


Last Updated: 27 May 2016 10:42:39