Vulnerability Details CVE-2006-5184
SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the key parameter, when the limit query parameter is set to customerid.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22257
- http://securitytracker.com/id?1016978
- http://www.securityfocus.com/bid/20332
- http://www.vupen.com/english/advisories/2006/3903
- https://www.pkrinternet.com/download/RELEASE-NOTES.txt
- https://www.pkrinternet.com/taskjitsu/task/3517
- http://secunia.com/advisories/22257
- http://securitytracker.com/id?1016978
- http://www.securityfocus.com/bid/20332
- http://www.vupen.com/english/advisories/2006/3903
- https://www.pkrinternet.com/download/RELEASE-NOTES.txt
- https://www.pkrinternet.com/taskjitsu/task/3517
Products affected by CVE-2006-5184
-
cpe:2.3:a:pkr_internet:taskjitsu:*
-
cpe:2.3:a:pkr_internet:taskjitsu:0.1
-
cpe:2.3:a:pkr_internet:taskjitsu:2.0
-
cpe:2.3:a:pkr_internet:taskjitsu:2.0.1
-
cpe:2.3:a:pkr_internet:taskjitsu:2.0.3
-
cpe:2.3:a:pkr_internet:taskjitsu:2.0.4