Vulnerabilities > CVE-2006-2296 - SQL Injection vulnerability in EDirectoryPro Search_result.ASP

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
keyvan1-com
exploit available

Summary

SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Configurations

Part Description Count
Application
Keyvan1.Com
1

Exploit-Db

descriptionEDirectoryPro Search_result.ASP SQL Injection Vulnerability. CVE-2006-2296. Webapps exploit for asp platform
idEDB-ID:27849
last seen2016-02-03
modified2006-05-09
published2006-05-09
reporterDj_Eyes
sourcehttps://www.exploit-db.com/download/27849/
titleEDirectoryPro Search_result.ASP SQL Injection Vulnerability