Vulnerability Description
SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Soumu | Koukyoumuke Soumu Workflow | 01-00 |
| Soumu | Soumo Workflow | 01_00 |
| Soumu | Soumu Workflow | 02-00 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/23399Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS06-016_e/01-e.html
- http://www.vupen.com/english/advisories/2006/5114
- http://secunia.com/advisories/23399Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS06-016_e/01-e.html
- http://www.vupen.com/english/advisories/2006/5114
FAQ
What is CVE-2006-6706?
CVE-2006-6706 is a vulnerability with a CVSS score of 6.5 (MEDIUM). SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users...
How severe is CVE-2006-6706?
CVE-2006-6706 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6706?
Check the references section above for vendor advisories and patch information. Affected products include: Soumu Koukyoumuke Soumu Workflow, Soumu Soumo Workflow, Soumu Soumu Workflow.