NVD

Id
64770  
Name
CVE-2006-6209  
Description
Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) id2006quant parameter to (a) item_show.asp, or the (2) maingroup or (3) secondgroup parameter to (b) item_list.asp. NOTE: the code_no parameter to Item_Show.asp is covered by CVE-2005-2601.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-11-30  
Modified Date
2008-09-05  
Seq
2006-6209  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
338250 64770 CVE-2006-6209 1947  View
338251 64770 CVE-2006-6209 http://www.aria-security.com/forum/showthread.php?t=42  View
338252 64770 CVE-2006-6209 20061124 [Aria-Security Team] MidiCart ASP Plus Shopping Cart SQL Injection  View
338253 64770 CVE-2006-6209 20061124 [Aria-Security Team] MidiCart ASP Shopping Cart SQL Injection  View
338254 64770 CVE-2006-6209 21273  View
338255 64770 CVE-2006-6209 midicart-itemshow-sql-injection(30506)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60208 JVNDB-2006-002474 MidiCart ASP Shopping Cart などにおける SQL インジェクションの脆弱性 MidiCart ASP Shopping Cart および ASP Plus Shopping Cart には、SQL インジェクションの脆弱性が存在します。 CVE-2006-6209 22311 CVE-2006-6209 64770 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002474.html 2006-11-30 2012-09-25 View