CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-1123

SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.4%

CVSS Severity

CVSS v2 Score 10.0

References

http://secunia.com/advisories/19177
http://securityreason.com/securityalert/559
http://www.osvdb.org/23770
http://www.securityfocus.com/archive/1/427103/100/0/threaded
http://www.securityfocus.com/bid/17035
http://www.vupen.com/english/advisories/2006/0896
https://exchange.xforce.ibmcloud.com/vulnerabilities/25215
http://secunia.com/advisories/19177
http://securityreason.com/securityalert/559
http://www.osvdb.org/23770
http://www.securityfocus.com/archive/1/427103/100/0/threaded
http://www.securityfocus.com/bid/17035
http://www.vupen.com/english/advisories/2006/0896
https://exchange.xforce.ibmcloud.com/vulnerabilities/25215

Products affected by CVE-2006-1123

D2ksoft » D2kblog » Version: 1.0

cpe:2.3:a:d2ksoft:d2kblog:1.0
D2ksoft » D2kblog » Version: 1.0.1

cpe:2.3:a:d2ksoft:d2kblog:1.0.1
D2ksoft » D2kblog » Version: 1.0.2

cpe:2.3:a:d2ksoft:d2kblog:1.0.2
D2ksoft » D2kblog » Version: 1.0.3

cpe:2.3:a:d2ksoft:d2kblog:1.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1123

Products

Pricing

Contact Us