Vulnerability Details CVE-2006-5121
SQL injection vulnerability in modules/Downloads/admin.php in the Admin section of PostNuke 0.762 allows remote attackers to execute arbitrary SQL commands via the hits parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://community.postnuke.com/index.php?name=News&file=article&sid=2783
- http://secunia.com/advisories/22197
- http://securityreason.com/securityalert/1669
- http://www.securityfocus.com/archive/1/447361/100/0/threaded
- http://www.securityfocus.com/bid/20317
- http://www.vupen.com/english/advisories/2006/3886
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29271
- http://community.postnuke.com/index.php?name=News&file=article&sid=2783
- http://secunia.com/advisories/22197
- http://securityreason.com/securityalert/1669
- http://www.securityfocus.com/archive/1/447361/100/0/threaded
- http://www.securityfocus.com/bid/20317
- http://www.vupen.com/english/advisories/2006/3886
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29271
Products affected by CVE-2006-5121
-
cpe:2.3:a:postnuke_software_foundation:postnuke:0.762