Vulnerabilities > CVE-2006-5936 - SQL Injection vulnerability in SiteXpress E-Commerce System Dept.ASP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in dept.asp in SiteXpress E-Commerce System allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | SiteXpress E-Commerce System Dept.ASP SQL Injection Vulnerability. CVE-2006-5936. Webapps exploit for asp platform |
id | EDB-ID:29010 |
last seen | 2016-02-03 |
modified | 2006-11-14 |
published | 2006-11-14 |
reporter | Aria-Security Team |
source | https://www.exploit-db.com/download/29010/ |
title | SiteXpress E-Commerce System Dept.ASP SQL Injection Vulnerability |