CVE-2006-1533 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attackers to execute arbitrary SQL commands via the newsletteremail parameter.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Sourceworkshop	Newsletter	1.0

References

http://evuln.com/vulns/107/summary.html
http://secunia.com/advisories/19425Vendor Advisory
http://www.osvdb.org/24229
http://www.securityfocus.com/archive/1/430375/100/0/threaded
http://www.securityfocus.com/bid/17304
http://www.vupen.com/english/advisories/2006/1148
https://exchange.xforce.ibmcloud.com/vulnerabilities/25498
http://evuln.com/vulns/107/summary.html
http://secunia.com/advisories/19425Vendor Advisory
http://www.osvdb.org/24229
http://www.securityfocus.com/archive/1/430375/100/0/threaded
http://www.securityfocus.com/bid/17304
http://www.vupen.com/english/advisories/2006/1148
https://exchange.xforce.ibmcloud.com/vulnerabilities/25498

FAQ

What is CVE-2006-1533?

CVE-2006-1533 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attackers to execute arbitrary SQL commands via the newsletteremail parameter.

How severe is CVE-2006-1533?

CVE-2006-1533 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1533?

Check the references section above for vendor advisories and patch information. Affected products include: Sourceworkshop Newsletter.