Intelligence Center » Browse All Vulnerabilities » CVE-2006-3572
Overview |
|
| Vulnerability Score |  7.5 |
| CVE Id | CVE-2006-3572 |
| Last Modified | 07 Mar 2011 09:38:58 |
| Published | 12 Jul 2006 09:05:00 |
| Confidentiality Impact |  PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-2006-3572
Summary
SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
Vulnerable Systems
Application
Papoo 2.1.2
Papoo 2.1.4
Papoo 2.1.5
Papoo 3.0.0
Papoo 3.0.0 Beta1
Papoo 3.0.0 Rc3
References
XF - papoo-forumthread-sql-injection(27640)
VUPEN - ADV-2006-2713
BID - 18895
BUGTRAQ - 20060707 PAPOO <=3RC3 sql injection / admin credentials disclosure
SECTRACK - 1016461
SECUNIA - 20978
MILW0RM - 1993
OSVDB - 27118
SREASON - 1217
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:43:02
