Vulnerability Details CVE-2006-0961
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0449.html
- http://marc.info/?l=full-disclosure&m=114079912721723&w=2
- http://secunia.com/advisories/19157
- http://securitytracker.com/id?1015677
- http://www.nukedx.com/?viewdoc=10
- http://www.osvdb.org/23618
- http://www.securityfocus.com/bid/16813
- http://www.vupen.com/english/advisories/2006/0881
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24920
- https://www.exploit-db.com/exploits/1562
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0449.html
- http://marc.info/?l=full-disclosure&m=114079912721723&w=2
- http://secunia.com/advisories/19157
- http://securitytracker.com/id?1015677
- http://www.nukedx.com/?viewdoc=10
- http://www.osvdb.org/23618
- http://www.securityfocus.com/bid/16813
- http://www.vupen.com/english/advisories/2006/0881
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24920
- https://www.exploit-db.com/exploits/1562
Products affected by CVE-2006-0961
-
cpe:2.3:a:cilem:cilem_haber:1.1