Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3244

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-3244
Last Modified 07 Mar 2011 09:38:09
Published 27 Jun 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3244

Summary

Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order parameter in buglist.php and the (2) bug parameter in query.php.

Vulnerable Systems

Application

  • Anthill 0.2.6

  • Anthill 0.3.0


References

VUPEN - ADV-2006-2529

SECUNIA - 20838

XF - anthill-buglist-query-sql-injection(27373)

BID - 18661

MISC - http://pridels0.blogspot.com/2006/06/anthill-sql-injection-vuln.html


Last Updated: 27 May 2016 10:42:56