NVD
- Id
- 60343
- Name
- CVE-2006-1638
- Description
- Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or (i) reply_log.php; (2) p parameter to (j) dpost.php; (3) c parameter to (k) list.php or (l) ndis.php; or (12) q parameter to (m) search.php.
- Reject
- CVSS Version
- 2
- CVSS Score
- 5.1
- Severity
- Medium
- CVSS Base Score
- 5.1
- CVSS Impact Subscore
- 6.4
- CVSS Exploit Subscore
- 4.9
- CVSS Vector
- (AV:N/AC:H/Au:N/C:P/I:P/A:P)
- Pub Date
- 2016-12-20
- Published
- 2006-04-06
- Modified Date
- 2011-03-07
- Seq
- 2006-1638
