Vulnerability Details CVE-2006-0581
SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.3%
CVSS Severity
CVSS v2 Score 6.5
References
- http://secunia.com/advisories/18731
- http://securitytracker.com/id?1015584
- http://www.osvdb.org/22982
- http://www.osvdb.org/22983
- http://www.vupen.com/english/advisories/2006/0460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24537
- http://secunia.com/advisories/18731
- http://securitytracker.com/id?1015584
- http://www.osvdb.org/22982
- http://www.osvdb.org/22983
- http://www.vupen.com/english/advisories/2006/0460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24537
Products affected by CVE-2006-0581
-
cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.8