Vulnerabilities > CVE-2006-2972 - Unspecified vulnerability in Arantius Vice Stats 0.5Beta/1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://secunia.com/advisories/20512
- http://secunia.com/advisories/20512
- http://securityreason.com/securityalert/1073
- http://securityreason.com/securityalert/1073
- http://www.arantius.com/topic/vice+stats
- http://www.arantius.com/topic/vice+stats
- http://www.attrition.org/pipermail/vim/2006-June/000848.html
- http://www.attrition.org/pipermail/vim/2006-June/000848.html
- http://www.securityfocus.com/archive/1/436290/100/0/threaded
- http://www.securityfocus.com/archive/1/436290/100/0/threaded
- http://www.securityfocus.com/bid/18317
- http://www.securityfocus.com/bid/18317
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26985