Vulnerability Details CVE-2006-0205
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php (involving v_login.php and s_user.php) and (2) have other unknown impact via certain other fields in unspecified scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.8%
CVSS Severity
CVSS v2 Score 5.1
References
- http://evuln.com/vulns/27/summary.html
- http://evuln.com/vulns/28/summary.html
- http://secunia.com/advisories/18440
- http://securityreason.com/securityalert/345
- http://securityreason.com/securityalert/346
- http://www.osvdb.org/22358
- http://www.securityfocus.com/archive/1/421745/100/0/threaded
- http://www.securityfocus.com/archive/1/421746/100/0/threaded
- http://www.securityfocus.com/bid/16227
- http://www.vupen.com/english/advisories/2006/0185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24108
- http://evuln.com/vulns/27/summary.html
- http://evuln.com/vulns/28/summary.html
- http://secunia.com/advisories/18440
- http://securityreason.com/securityalert/345
- http://securityreason.com/securityalert/346
- http://www.osvdb.org/22358
- http://www.securityfocus.com/archive/1/421745/100/0/threaded
- http://www.securityfocus.com/archive/1/421746/100/0/threaded
- http://www.securityfocus.com/bid/16227
- http://www.vupen.com/english/advisories/2006/0185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24108
Products affected by CVE-2006-0205
-
cpe:2.3:a:wordcircle:wordcircle:2.17