Vulnerability Description
Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jiros | Links Manager | 1.0 |
References
- http://secunia.com/advisories/23063Vendor Advisory
- http://securitytracker.com/id?1017280Vendor Advisory
- http://www.frsirt.com/english/reference-2006-4664-1.phpVendor Advisory
- http://www.securityfocus.com/archive/1/452265/100/0/threaded
- http://www.securityfocus.com/bid/21226ExploitVendor Advisory
- http://www.vupen.com/english/advisories/2006/4664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30462
- http://secunia.com/advisories/23063Vendor Advisory
- http://securitytracker.com/id?1017280Vendor Advisory
- http://www.frsirt.com/english/reference-2006-4664-1.phpVendor Advisory
- http://www.securityfocus.com/archive/1/452265/100/0/threaded
- http://www.securityfocus.com/bid/21226ExploitVendor Advisory
- http://www.vupen.com/english/advisories/2006/4664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30462
FAQ
What is CVE-2006-6147?
CVE-2006-6147 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to v...
How severe is CVE-2006-6147?
CVE-2006-6147 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6147?
Check the references section above for vendor advisories and patch information. Affected products include: Jiros Links Manager.