Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3262

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3262
Last Modified 07 Mar 2011 09:38:13
Published 27 Jun 2006 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3262

Summary

SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.

Vulnerable Systems

Application

  • Mambo 4.6


References

SECUNIA - 20745

VUPEN - ADV-2006-2416

BUGTRAQ - 20060617 Mambo <= 4.6rc1 sql injection

CONFIRM - http://www.mamboserver.com/?option=com_content&task=view&id=207

SECTRACK - 1016334

MISC - http://retrogod.altervista.org/mambo_46rc1_sql.html

BID - 18492

OSVDB - 26624

SREASON - 1158


Last Updated: 27 May 2016 10:42:57