CVE-2006-2504
Summary
| CVE | CVE-2006-2504 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-05-22 19:02:00 UTC |
| Updated | 2018-10-18 16:40:00 UTC |
| Description | Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search and (2) cate parameters to (a) list.asp, and the (3) id and cate parameters to (b) admin_ok.asp. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityReason - Azboard <= 1.0 Multiple Sql Injections | SREASON | securityreason.com | |
| AZBoard List.ASP SQL Injection Vulnerability | BID | www.securityfocus.com | |
| 25528 | OSVDB | www.osvdb.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| user.chol.com/~jyj9782/sec/azboard_advisory.txt | MISC | user.chol.com | Exploit |
| Azboard Multiple SQL Injection Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| 25527 | OSVDB | www.osvdb.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.