Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3096

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3096
Last Modified 09 Nov 2008 01:28:01
Published 19 Jun 2006 05:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3096

Summary

Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. NOTE: this item was created based on information in a blog entry that was apparently removed after CVE analysis. As of 20060619, CVE is attempting to determing the cause of the removal.

Vulnerable Systems

Application

  • Ipostmx 2005 2.0


References

XF - ipost-forum-sql-injection(27144)

MISC - http://pridels0.blogspot.com/2006/06/ipostmx-2005-vuln.html


Last Updated: 27 May 2016 10:42:53