PT-2006-6781 · Jiros · Jiros Links Manager

Publicado

2006-11-28

Atualizado

2018-10-17

CVE-2006-6147

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions JiRos Links Manager (affected versions not specified)

Description The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited via the LinkID parameter to the "openlink.asp" endpoint or the CategoryID parameter to the "viewlinks.asp" endpoint.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-6147

Produtos afetados

Jiros Links Manager

PT-2006-6781 · Jiros · Jiros Links Manager

CVE-2006-6147

Identificadores relacionados

Produtos afetados

Referências · 10