CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-5772

HIGH
7.5
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile5.46th
Published2006年11月6日
Last Modified2026年4月23日

Vulnerability Description

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) prod parameter.

Affected Platforms (CPE)

📦
Freewebshop

Freewebshop

<= 2.2.1

References & Advisories

🔗 http://secunia.com/advisories/22664
🔗 http://www.freewebshop.org/index.php?id=27
🔗 http://www.vupen.com/english/advisories/2006/4332
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/29990
🔗 https://www.exploit-db.com/exploits/2704
🔗 http://secunia.com/advisories/22664
🔗 http://www.freewebshop.org/index.php?id=27
🔗 http://www.vupen.com/english/advisories/2006/4332

関連する脆弱性情報

CVE-2007-05317.5

PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attacke...

CVE-2007-64667.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands ...

CVE-2006-58466.4

Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitr...

CVE-2006-58476.1

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary...