Vulnerabilities > CVE-2006-5513 - SQL Injection vulnerability in GeoNetwork Opensource Login

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

geonetwork

NVD

Published: 2006-10-26

Updated: 2017-07-20

Summary

SQL injection vulnerability in GeoNetwork opensource before 2.0.3 allows remote attackers to execute arbitrary SQL commands, and complete a login, via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Geonetwork Geonetwork Opensource *	1

References

http://secunia.com/advisories/22502
http://sourceforge.net/project/shownotes.php?release_id=457195
http://www.securityfocus.com/bid/20671
http://www.vupen.com/english/advisories/2006/4151
https://exchange.xforce.ibmcloud.com/vulnerabilities/29771