Vulnerability Details CVE-2006-2416
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name'].
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.5%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/20089
- http://securityreason.com/securityalert/905
- http://www.osvdb.org/25521
- http://www.securityfocus.com/archive/1/433938/100/0/threaded
- http://www.securityfocus.com/bid/17966
- http://www.vupen.com/english/advisories/2006/1802
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26434
- http://secunia.com/advisories/20089
- http://securityreason.com/securityalert/905
- http://www.osvdb.org/25521
- http://www.securityfocus.com/archive/1/433938/100/0/threaded
- http://www.securityfocus.com/bid/17966
- http://www.vupen.com/english/advisories/2006/1802
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26434
Products affected by CVE-2006-2416
-
cpe:2.3:a:e107:e107:0.545
-
cpe:2.3:a:e107:e107:0.554
-
cpe:2.3:a:e107:e107:0.555_beta
-
cpe:2.3:a:e107:e107:0.603
-
cpe:2.3:a:e107:e107:0.616
-
cpe:2.3:a:e107:e107:0.617
-
cpe:2.3:a:e107:e107:0.6171
-
cpe:2.3:a:e107:e107:0.6175
-
cpe:2.3:a:e107:e107:0.6_10
-
cpe:2.3:a:e107:e107:0.6_11
-
cpe:2.3:a:e107:e107:0.6_12
-
cpe:2.3:a:e107:e107:0.6_13
-
cpe:2.3:a:e107:e107:0.6_14
-
cpe:2.3:a:e107:e107:0.6_15
-
cpe:2.3:a:e107:e107:0.6_15a
-
cpe:2.3:a:e107:e107:0.7
-
cpe:2.3:a:e107:e107:0.7.1
-
cpe:2.3:a:e107:e107:0.7.2