CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-4497

HIGH
7.5
CVSS Severity Score
EPSS Score0.1690%
EPSS Percentile12.26th
Published2006年8月31日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected Platforms (CPE)

📦
Iwebnegar

Iwebnegar

= 1.1

References & Advisories

🔗 http://securityreason.com/securityalert/1480
🔗 http://www.securityfocus.com/archive/1/444744/100/0/threaded
🔗 http://www.securityfocus.com/bid/19757
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/28665
🔗 http://securityreason.com/securityalert/1480
🔗 http://www.securityfocus.com/archive/1/444744/100/0/threaded
🔗 http://www.securityfocus.com/bid/19757
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/28665

相關漏洞威脅

CVE-2004-140210.0

SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter fo...

CVE-2006-44964.3

Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script o...

CVE-2006-640910.0

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and ...

CVE-2006-644310.0

Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client...