Vulnerability Details CVE-2006-5707
SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22616
- http://securityreason.com/securityalert/1814
- http://securitytracker.com/id?1017137
- http://www.securityfocus.com/archive/1/450052/100/0/threaded
- http://www.securityfocus.com/archive/1/450054/100/0/threaded
- http://www.securityfocus.com/bid/20790
- http://www.vupen.com/english/advisories/2006/4263
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29866
- https://www.exploit-db.com/exploits/2675
- http://secunia.com/advisories/22616
- http://securityreason.com/securityalert/1814
- http://securitytracker.com/id?1017137
- http://www.securityfocus.com/archive/1/450052/100/0/threaded
- http://www.securityfocus.com/archive/1/450054/100/0/threaded
- http://www.securityfocus.com/bid/20790
- http://www.vupen.com/english/advisories/2006/4263
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29866
- https://www.exploit-db.com/exploits/2675
Products affected by CVE-2006-5707
-
cpe:2.3:a:phpeasydata_pro:phpeasydata_pro:1.4.1
-
cpe:2.3:a:phpeasydata_pro:phpeasydata_pro:2.2.1