CVE-2006-5221

Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-10 05:07:00.000-04
Last Modified2018-10-17 05:41:44.000-04

Vulnerable Software List

VendorProductVersions
Cahier De Textes Cahier De Textes 2.0

References

SourceLink
SREASON1701
BUGTRAQ20061007 Cahier de textes 2.0 Remote SQL injection Exploit
BID20389
VUPENADV-2006-3949
XFcahierdetexte-lire-sql-injection(29388)
EXPLOIT-DB2485