CVE-2006-3318

{"id": "CVE-2006-3318", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-06-29T21:05:00.000", "references": [{"url": "http://secunia.com/advisories/20865", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2006-47/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://securityreason.com/securityalert/1173", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/438706/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2006/2593", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27459", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/20865", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/secunia_research/2006-47/advisory/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1173", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/438706/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/2593", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27459", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in register.php for phpRaid 3.0.6 and possibly other versions, when the authorization type is phpraid, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) email parameters."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en register.php de phpRaid v3.0.6 y probablemente otras versiones, cuando el tipo autorizaci\u00f3n es \"phpraid\", permite a atacantes remotos ejecutar comandos SQL a su elecci\u00f3n a trav\u00e9s del par\u00e1metro (1)raid_id y (2) email."}], "lastModified": "2024-11-21T00:13:21.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:spiffyjr:phpraid:3.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2080E07-A725-49A9-AECE-AA3FE5F94867"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}