Vulnerabilities > CVE-2006-2794 - Remote Security vulnerability in Aspsitem 1.83
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | ASPSitem <= 2.0 Remote (SQL Injection / DB Disclosure) Vulnerabilities. CVE-2006-2793,CVE-2006-2794. Webapps exploit for asp platform |
id | EDB-ID:1845 |
last seen | 2016-01-31 |
modified | 2006-05-28 |
published | 2006-05-28 |
reporter | nukedx |
source | https://www.exploit-db.com/download/1845/ |
title | ASPSitem <= 2.0 - Remote SQL Injection / DB Disclosure Vulnerabilities |