{
"id": "CVE-2006-3236",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-06-27T10:05:00.000",
"lastModified": "2024-11-21T00:13:08.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en thinkWMS v1.0 y anteriores permiten a atacantes remotos ejecutar comandos SQL a trav\u00e9s del par\u00e1metro (1) id en (a) index.php o (b) printarticle.php, y del par\u00e1metro (2) catid en index.php."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thinkfactory:thinkwms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "FEF3B0EF-742D-424F-B540-667C1DCDB560"
}
]
}
]
}
],
"references": [
{
"url": "http://pridels0.blogspot.com/2006/06/thinkwms-sql-injection-vuln.html",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/20747",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1016355",
"source": "cve@mitre.org"
},
{
"url": "http://www.osvdb.org/26742",
"source": "cve@mitre.org"
},
{
"url": "http://www.osvdb.org/26743",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/18567",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2006/2470",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27270",
"source": "cve@mitre.org"
},
{
"url": "http://pridels0.blogspot.com/2006/06/thinkwms-sql-injection-vuln.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/20747",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1016355",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.osvdb.org/26742",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.osvdb.org/26743",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/18567",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.vupen.com/english/advisories/2006/2470",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27270",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}