PT-2006-2043 · Parodia · Parodia

Published

2006-03-06

Updated

2008-09-05

CVE-2006-1005

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Parodia versions 6.2 and earlier

Description The issue might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG ID parameter in the "agencyprofile.asp" page.

Recommendations For Parodia versions 6.2 and earlier, consider restricting access to the "agencyprofile.asp" page until a fix is available, and avoid using an invalid AG ID parameter to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1005

Affected Products

Parodia

PT-2006-2043 · Parodia · Parodia

CVE-2006-1005

Related Identifiers

Affected Products

References · 2