NVD

Id
63300  
Name
CVE-2006-4667  
Description
Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-09-08  
Modified Date
2011-03-07  
Seq
2006-4667  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
329841 63300 CVE-2006-4667 1532  View
329842 63300 CVE-2006-4667 http://www.hackers.ir/advisories/runcms.html  View
329843 63300 CVE-2006-4667 http://www.runcms.org/modules/mydownloads/viewcat.php?cid=5  View
329844 63300 CVE-2006-4667 20060907 Sql injection in RunCMS  View
329845 63300 CVE-2006-4667 19913  View
329846 63300 CVE-2006-4667 ADV-2006-3522  View
329847 63300 CVE-2006-4667 runcms-sessions-sql-injection(28806)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60872 JVNDB-2006-003138 RunCMS における SQL インジェクションの脆弱性 RunCMS には、SQL インジェクションの脆弱性が存在します。 CVE-2006-4667 20769 CVE-2006-4667 63300 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003138.html 2006-09-08 2012-12-20 View