CVE-2006-3135

NONECVSS 0.0

0.0

Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id parameter in (c) the webshop module, (4) username parameter in (d) index.php, and (5) Name, (6) Address, (7) Zip, (8) City, (9) Country, and (10) Email fields during (e) a user profile update.

🔗 References (20)

PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/20589
PSIRT-CNA@flexerasoftwarehttp://secunia.com/secunia_research/2006-52/advisory/
PSIRT-CNA@flexerasoftwarehttp://securityreason.com/securityalert/1236
PSIRT-CNA@flexerasoftwarehttp://www.osvdb.org/27139
PSIRT-CNA@flexerasoftwarehttp://www.osvdb.org/27140
PSIRT-CNA@flexerasoftwarehttp://www.osvdb.org/27141
PSIRT-CNA@flexerasoftwarehttp://www.osvdb.org/27142
PSIRT-CNA@flexerasoftwarehttp://www.osvdb.org/27143
PSIRT-CNA@flexerasoftwarehttp://www.vupen.com/english/advisories/2006/2783
PSIRT-CNA@flexerasoftwarehttps://exchange.xforce.ibmcloud.com/vulnerabilities/27712
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20589
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2006-52/advisory/
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1236
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27139
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27140

Is Your Infrastructure Affected by CVE-2006-3135?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3135

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3135?