Vulnerability Details CVE-2006-3309
SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/20857
- http://www.osvdb.org/26870
- http://www.securityfocus.com/bid/18688
- http://www.vupen.com/english/advisories/2006/2560
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27401
- https://www.exploit-db.com/exploits/1957
- http://secunia.com/advisories/20857
- http://www.osvdb.org/26870
- http://www.securityfocus.com/bid/18688
- http://www.vupen.com/english/advisories/2006/2560
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27401
- https://www.exploit-db.com/exploits/1957
Products affected by CVE-2006-3309
-
cpe:2.3:a:internet_scout_project:scout_portal_toolkit:*