nvd-json-data-feeds/CVE-2006/CVE-2006-15xx/CVE-2006-1541.json

{
  "id": "CVE-2006-1541",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-03-30T11:02:00.000",
  "lastModified": "2018-10-18T16:33:20.797",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL en Default.asp en EzASPSite 2.0 RC3 y versiones anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios y obtener el hash SHA1 de la contrase\u00f1a de admin a trav\u00e9s del par\u00e1metro Scheme."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ezaspsite:ezaspsite:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "2.0_rc3",
              "matchCriteriaId": "1A88D784-6700-49BD-B4AD-3887EAB385C8"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://marc.info/?l=full-disclosure&m=114367573519326&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.nukedx.com/?viewdoc=22",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "http://www.securityfocus.com/archive/1/429487/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/17309",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/1164",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25544",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.exploit-db.com/exploits/1623",
      "source": "cve@mitre.org"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2006-1541",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2006-03-30T11:02:00.000",`
			`"lastModified": "2018-10-18T16:33:20.797",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Vulnerabilidad de inyecci\u00f3n SQL en Default.asp en EzASPSite 2.0 RC3 y versiones anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios y obtener el hash SHA1 de la contrase\u00f1a de admin a trav\u00e9s del par\u00e1metro Scheme."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "LOW",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "COMPLETE",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 7.8`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 10.0,`
			`"impactScore": 6.9,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-Other"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ezaspsite:ezaspsite::::::::",`
			`"versionEndIncluding": "2.0_rc3",`
			`"matchCriteriaId": "1A88D784-6700-49BD-B4AD-3887EAB385C8"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://marc.info/?l=full-disclosure&m=114367573519326&w=2",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.nukedx.com/?viewdoc=22",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Exploit"`
			`]`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/archive/1/429487/100/0/threaded",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/17309",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.vupen.com/english/advisories/2006/1164",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25544",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://www.exploit-db.com/exploits/1623",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`