Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3271

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3271
Last Modified 07 Mar 2011 09:38:14
Published 28 Jun 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3271

Summary

Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) index.php, and (e) news_desc.php.

Vulnerable Systems

Application

  • Softbiz Dating Script 1.0


References

VUPEN - ADV-2006-2512

BID - 18605

BUGTRAQ - 20060622 Softbiz Dating 1.0 SQL injection

SECUNIA - 20802

XF - softbizdating-multiple-sql-injection(27383)

SREASON - 1163


Last Updated: 27 May 2016 10:42:57