Vulnerabilities > CVE-2006-5892 - SQL Injection vulnerability in Aspired2Poll MoreInfo.ASP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

the-net-guys

exploit available

NVD

Published: 2006-11-14

Updated: 2018-10-17

Summary

SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Vulnerable Configurations

Part	Description	Count
Application	The_Net_Guys THE NET Guys Aspired2Poll *	1

Exploit-Db

description	AspPired2Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit. CVE-2006-5892. Webapps exploit for asp platform
file	exploits/asp/webapps/2746.pl
id	EDB-ID:2746
last seen	2016-01-31
modified	2006-11-09
platform	asp
port
published	2006-11-09
reporter	ajann
source	https://www.exploit-db.com/download/2746/
title	AspPired2Poll <= 1.0 MoreInfo.asp Remote SQL Injection Exploit
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References