CVE-2006-0462 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Andonet	Andonet Blog	2004.09.02

References

http://evuln.com/vulns/50/summary.htmlExploitVendor Advisory
http://secunia.com/advisories/18633
http://securityreason.com/securityalert/377
http://www.osvdb.org/22755
http://www.securityfocus.com/archive/1/423162
http://www.securityfocus.com/bid/16393
http://www.vupen.com/english/advisories/2006/0327
https://exchange.xforce.ibmcloud.com/vulnerabilities/24309
http://evuln.com/vulns/50/summary.htmlExploitVendor Advisory
http://secunia.com/advisories/18633
http://securityreason.com/securityalert/377
http://www.osvdb.org/22755
http://www.securityfocus.com/archive/1/423162
http://www.securityfocus.com/bid/16393
http://www.vupen.com/english/advisories/2006/0327

FAQ

What is CVE-2006-0462?

CVE-2006-0462 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter.

How severe is CVE-2006-0462?

CVE-2006-0462 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-0462?

Check the references section above for vendor advisories and patch information. Affected products include: Andonet Andonet Blog.