CVE-2006-4238 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2006-4238?

CVE-2006-4238 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode.

Q: How severe is CVE-2006-4238?

CVE-2006-4238 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-4238?

Check the references section above for vendor advisories and patch information. Affected products include: Wtcom Web Torrent.

Vulnerability Description

SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Wtcom	Web Torrent	<= 0.2.4_alpha

References

http://www.securityfocus.com/bid/19569Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/28426
https://www.exploit-db.com/exploits/2200
http://www.securityfocus.com/bid/19569Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/28426
https://www.exploit-db.com/exploits/2200

FAQ

What is CVE-2006-4238?

CVE-2006-4238 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode.

How severe is CVE-2006-4238?

CVE-2006-4238 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-4238?

Check the references section above for vendor advisories and patch information. Affected products include: Wtcom Web Torrent.