Vulnerabilities > CVE-2006-2793 - SQL-Injection vulnerability in Aspsitem 1.83

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
aspsitem
exploit available
NVD
Published: 2006-06-03
Updated: 2018-10-18

Summary

SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.

Vulnerable Configurations

Part Description Count
Application
Aspsitem
2

Exploit-Db

descriptionASPSitem <= 2.0 Remote (SQL Injection / DB Disclosure) Vulnerabilities. CVE-2006-2793,CVE-2006-2794. Webapps exploit for asp platform
idEDB-ID:1845
last seen2016-01-31
modified2006-05-28
published2006-05-28
reporternukedx
sourcehttps://www.exploit-db.com/download/1845/
titleASPSitem <= 2.0 - Remote SQL Injection / DB Disclosure Vulnerabilities

References