CVE-2006-1766 — MEDIUM (6.4)

Q: How severe is CVE-2006-1766?

CVE-2006-1766 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-1766?

Check the references section above for vendor advisories and patch information. Affected products include: Papoo Papoo.

Vulnerability Description

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php.

CVSS Score

6.4

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:P

Confidentiality

NONE

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Papoo	Papoo	<= 3_beta1

References

FAQ

What is CVE-2006-1766?

CVE-2006-1766 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php...

How severe is CVE-2006-1766?

CVE-2006-1766 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1766?

Check the references section above for vendor advisories and patch information. Affected products include: Papoo Papoo.