Vulnerabilities > CVE-2006-5217 - SQL Injection vulnerability in Emek Portal Emek Portal 2.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
emek-portal
exploit available
NVD
Published: 2006-10-10
Updated: 2018-10-17

Summary

SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows remote attackers to execute arbitrary SQL commands by simultaneously injecting into the user name and pass fields in uyegiris.asp, also known as the Kullanici Adi (k_a) and Sifre (sifre) parameters.

Vulnerable Configurations

Part Description Count
Application
Emek_Portal
1

Exploit-Db

descriptionEmek Portal 2.1 Uyegiris.ASP SQL Injection Vulnerability. CVE-2006-5217 . Webapps exploit for asp platform
idEDB-ID:28768
last seen2016-02-03
modified2006-10-06
published2006-10-06
reporterDj ReMix
sourcehttps://www.exploit-db.com/download/28768/
titleEmek Portal 2.1 Uyegiris.ASP SQL Injection Vulnerability

References