Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3618

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3618
Last Modified 05 Sep 2008 05:07:37
Published 18 Jul 2006 11:47:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3618

Summary

SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters.

Vulnerable Systems

Application

  • Pixelated By Lev Guestbook 1.32


References

XF - pblguestbook-pblguestbook-sql-injection(27624)

BUGTRAQ - 20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities

MISC - http://www.neosecurityteam.net/index.php?action=advisories&id=23


Last Updated: 27 May 2016 10:43:04