Vulnerabilities > CVE-2006-3213 - SQL Injection vulnerability in Webboa 1.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

webboa

exploit available

NVD

Published: 2006-06-24

Updated: 2018-10-18

Summary

SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter to an unspecified script, possibly host/yeni_host.asp.

Vulnerable Configurations

Part	Description	Count
Application	Webboa Webboa Webboa 1.1	1

Exploit-Db

description	WeBBoA Host Script 1.1 Remote SQL Injection Vulnerability. CVE-2006-3213. Webapps exploit for asp platform
id	EDB-ID:1930
last seen	2016-01-31
modified	2006-06-19
published	2006-06-19
reporter	EntriKa
source	https://www.exploit-db.com/download/1930/
title	WeBBoA Host Script 1.1 - Remote SQL Injection Vulnerability

References

http://securityreason.com/securityalert/1140
http://securitytracker.com/id?1016341
http://www.securityfocus.com/archive/1/437635/100/0/threaded
http://www.securityfocus.com/bid/18564
http://www.vupen.com/english/advisories/2006/2448
https://exchange.xforce.ibmcloud.com/vulnerabilities/27389