CVE-2006-3662

NONECVSS 0.0

0.0

SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." However, the relevant source code suggests that this issue may be legitimate, and the parameter is cleansed in 1.5.3.1

🔗 References (12)

cve@mitrehttp://archives.neohapsis.com/archives/bugtraq/2006-07/0096.html
cve@mitrehttp://www.osvdb.org/28188
cve@mitrehttp://www.securityfocus.com/archive/1/439873/100/100/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/440837/100/100/threaded
cve@mitrehttp://www.securityfocus.com/bid/18898
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/27620
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2006-07/0096.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/28188
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/439873/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/440837/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18898
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27620

Is Your Infrastructure Affected by CVE-2006-3662?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3662

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3662?