Vulnerabilities > CVE-2006-6208 - Unspecified vulnerability in Enthrallweb Eclassifieds
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN enthrallweb
exploit available
Summary
Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter to (b) dircat.asp, and the (6) sid parameter to (c) dirSub.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Enthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform id EDB-ID:29120 last seen 2016-02-03 modified 2006-11-20 published 2006-11-20 reporter laurent gaffie source https://www.exploit-db.com/download/29120/ title Enthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection description Enthrallweb eClassifieds dircat.asp cid Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform id EDB-ID:29119 last seen 2016-02-03 modified 2006-11-20 published 2006-11-20 reporter laurent gaffie source https://www.exploit-db.com/download/29119/ title Enthrallweb eClassifieds dircat.asp cid Parameter SQL Injection description Enthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform id EDB-ID:29118 last seen 2016-02-03 modified 2006-11-20 published 2006-11-20 reporter laurent gaffie source https://www.exploit-db.com/download/29118/ title Enthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection
References
- http://s-a-p.ca/index.php?page=OurAdvisories&id=46
- http://www.securityfocus.com/bid/21192
- http://secunia.com/advisories/23050
- http://securityreason.com/securityalert/1943
- http://www.vupen.com/english/advisories/2006/4642
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30423
- http://www.securityfocus.com/archive/1/452102/100/100/threaded