Vulnerability Description
SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hosting Controller | Hosting Controller | 6.1_hotfix_2.8 |
References
- http://secunia.com/advisories/18731Vendor Advisory
- http://securitytracker.com/id?1015584Exploit
- http://www.osvdb.org/22982
- http://www.osvdb.org/22983
- http://www.vupen.com/english/advisories/2006/0460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24537
- http://secunia.com/advisories/18731Vendor Advisory
- http://securitytracker.com/id?1015584Exploit
- http://www.osvdb.org/22982
- http://www.osvdb.org/22983
- http://www.vupen.com/english/advisories/2006/0460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24537
FAQ
What is CVE-2006-0581?
CVE-2006-0581 is a vulnerability with a CVSS score of 6.5 (MEDIUM). SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySetti...
How severe is CVE-2006-0581?
CVE-2006-0581 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0581?
Check the references section above for vendor advisories and patch information. Affected products include: Hosting Controller Hosting Controller.