Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2987

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2987
Last Modified 07 Mar 2011 09:37:26
Published 12 Jun 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2987

Summary

Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) voteid, and (3) vfiel parameters to (a) index.php, and via the (4) nick, (5) email, (6) city, (7) messen, and (8) message form field parameters to (b) add.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Systems

Application

  • Dominios Europa Picrate 1.0


References

VUPEN - ADV-2006-2118

SECUNIA - 20414

XF - talratemypic-add-index-sql-injection(27017)


Last Updated: 27 May 2016 10:42:50