Vulnerabilities > CVE-2006-5030 - SQL Injection vulnerability in ExV2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | exV2. CVE-2006-5030. Webapps exploit for php platform |
file | exploits/php/webapps/2406.php |
id | EDB-ID:2406 |
last seen | 2016-01-31 |
modified | 2006-09-21 |
platform | php |
port | |
published | 2006-09-21 |
reporter | rgod |
source | https://www.exploit-db.com/download/2406/ |
title | exV2 <= 2.0.4.3 - sort Remote SQL Injection Exploit |
type | webapps |