Vulnerabilities > CVE-2006-5936 - Unspecified vulnerability in Sitexpress E-Commerce System
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sitexpress
exploit available
Summary
SQL injection vulnerability in dept.asp in SiteXpress E-Commerce System allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | SiteXpress E-Commerce System Dept.ASP SQL Injection Vulnerability. CVE-2006-5936. Webapps exploit for asp platform |
| id | EDB-ID:29010 |
| last seen | 2016-02-03 |
| modified | 2006-11-14 |
| published | 2006-11-14 |
| reporter | Aria-Security Team |
| source | https://www.exploit-db.com/download/29010/ |
| title | SiteXpress E-Commerce System Dept.ASP SQL Injection Vulnerability |
References
- http://secunia.com/advisories/22899
- http://secunia.com/advisories/22899
- http://securityreason.com/securityalert/1870
- http://securityreason.com/securityalert/1870
- http://www.securityfocus.com/archive/1/451506/100/0/threaded
- http://www.securityfocus.com/archive/1/451506/100/0/threaded
- http://www.securityfocus.com/bid/21059
- http://www.securityfocus.com/bid/21059
- http://www.vupen.com/english/advisories/2006/4527
- http://www.vupen.com/english/advisories/2006/4527
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30265