Vulnerabilities > CVE-2006-5943 - Input Validation vulnerability in Inventory Manager

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
website-designs-for-less
exploit available
NVD
Published: 2006-11-17
Updated: 2018-10-17

Summary

Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote attackers to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter.

Vulnerable Configurations

Part Description Count
Application
Website_Designs_For_Less
1

Exploit-Db

descriptionInventory Manager Multiple Input Validation Vulnerabilities. CVE-2006-5943. Webapps exploit for asp platform
idEDB-ID:29024
last seen2016-02-03
modified2006-11-14
published2006-11-14
reporterlaurent gaffie
sourcehttps://www.exploit-db.com/download/29024/
titleInventory Manager Multiple Input Validation Vulnerabilities

References