Vulnerabilities > CVE-2006-5675 - SQL Injection vulnerability in Pentaho Business Intelligence Suite 1.2Rc2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts. This vulnerability is addressed in the following product release: Pentaho, Business Intelligence Suite, 1.2 RC3 (1.2.0.470-RC3)
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Pentaho. CVE-2006-5675. Webapps exploit for jsp platform |
id | EDB-ID:9958 |
last seen | 2016-02-01 |
modified | 2009-10-15 |
published | 2009-10-15 |
reporter | antisnatchor |
source | https://www.exploit-db.com/download/9958/ |
title | Pentaho <= 1.7.0.1062 - XSS and information disclosure |