Vulnerability Details CVE-2006-2836
SQL injection vulnerability in comment.php in Pineapple Technologies Lore 1.5.6 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://pridels0.blogspot.com/2006/06/lore-156-sql-injection-vuln.html
- http://secunia.com/advisories/20385
- http://www.securityfocus.com/bid/18206
- http://www.vupen.com/english/advisories/2006/2083
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26801
- http://pridels0.blogspot.com/2006/06/lore-156-sql-injection-vuln.html
- http://secunia.com/advisories/20385
- http://www.securityfocus.com/bid/18206
- http://www.vupen.com/english/advisories/2006/2083
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26801
Products affected by CVE-2006-2836
-
cpe:2.3:a:pineapple_technologies:lore:*