7.5
CVSSv2

CVE-2006-2855

Published: 06/06/2006 Updated: 20/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in index.php in xueBook 1.0 allows remote malicious users to execute arbitrary SQL commands via the start parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

xuebook xuebook 1.0

Exploits

source: wwwsecurityfocuscom/bid/18262/info xueBook is prone to an SQL-injection vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabi ...