Published: 08/12/2006 Updated: 29/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Link Content Management Server

Multiple SQL injection vulnerabilities in LINK Content Management Server (CMS) allow remote malicious users to execute arbitrary SQL commands via the (1) IDMeniGlavni parameter to navigacija.php, and the (2) IDStranicaPodaci parameter to prikazInformacije.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
link content management server link content management server

source: wwwsecurityfocuscom/bid/21464/info Link CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compr ...

source: wwwsecurityfocuscom/bid/21464/info Link CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, comprom ...

NVD-CWE-Other http://secunia.com/advisories/23107 http://www.securityfocus.com/bid/21464 https://exchange.xforce.ibmcloud.com/vulnerabilities/30744 https://nvd.nist.gov https://www.exploit-db.com/exploits/29233/

CVE-2006-6387

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect