CVE-2006-2701

SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to story submission.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/20316	Exploit Patch Vendor Advisory
http://www.geeklog.net/index.php?topic=Security	Patch
http://www.vupen.com/english/advisories/2006/2050
https://exchange.xforce.ibmcloud.com/vulnerabilities/26863
http://secunia.com/advisories/20316	Exploit Patch Vendor Advisory
http://www.geeklog.net/index.php?topic=Security	Patch
http://www.vupen.com/english/advisories/2006/2050
https://exchange.xforce.ibmcloud.com/vulnerabilities/26863

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:geeklog:geeklog::::::::
	cpe:2.3:a:geeklog:geeklog:1.3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.5:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.5_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.6:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7_sr2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7_sr3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7_sr4:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.7_sr5:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr4:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr5:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr6:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_rc1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_rc2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_rc3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_sr2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_sr3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.9_sr4:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.10:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.10_rc1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.10_rc2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.10_rc3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11_rc1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11_sr2:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11_sr3:::::::*
	cpe:2.3:a:geeklog:geeklog:1.3.11_sr4:::::::*
	cpe:2.3:a:geeklog:geeklog:1.4.0:::::::*
	cpe:2.3:a:geeklog:geeklog:1.4.0_beta1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.4.0_sr1:::::::*
	cpe:2.3:a:geeklog:geeklog:1.35:::::::*

History

21 Nov 2024, 00:11

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/20316 - Exploit, Patch, Vendor Advisory~~	() http://secunia.com/advisories/20316 - Exploit, Patch, Vendor Advisory
References	~~() http://www.geeklog.net/index.php?topic=Security - Patch~~	() http://www.geeklog.net/index.php?topic=Security - Patch
References	~~() http://www.vupen.com/english/advisories/2006/2050 -~~	() http://www.vupen.com/english/advisories/2006/2050 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/26863 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/26863 -

Information

Published : 2006-05-31 10:06

Updated : 2024-11-21 00:11

NVD link : CVE-2006-2701

Mitre link : CVE-2006-2701

CVE.ORG link : CVE-2006-2701

JSON object : View

Products Affected

geeklog

geeklog

CWE

NVD-CWE-Other

7.5 /10