CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3188

Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.vupen.com/english/advisories/2006/2426
https://exchange.xforce.ibmcloud.com/vulnerabilities/27499
http://www.vupen.com/english/advisories/2006/2426
https://exchange.xforce.ibmcloud.com/vulnerabilities/27499

Products affected by CVE-2006-3188

Sharky E-Shop » Sharky E-Shop » Version: Any

cpe:2.3:a:sharky_e-shop:sharky_e-shop:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3188

Products

Pricing

Contact Us