Vulnerabilities > CVE-2006-6208 - Unspecified vulnerability in Enthrallweb Eclassifieds

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
enthrallweb
exploit available
NVD
Published: 2006-12-01
Updated: 2024-02-14

Summary

Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter to (b) dircat.asp, and the (6) sid parameter to (c) dirSub.asp.

Vulnerable Configurations

Part Description Count
Application
Enthrallweb
1

Exploit-Db

  • descriptionEnthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform
    idEDB-ID:29120
    last seen2016-02-03
    modified2006-11-20
    published2006-11-20
    reporterlaurent gaffie
    sourcehttps://www.exploit-db.com/download/29120/
    titleEnthrallweb eClassifieds dirSub.asp sid Parameter SQL Injection
  • descriptionEnthrallweb eClassifieds dircat.asp cid Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform
    idEDB-ID:29119
    last seen2016-02-03
    modified2006-11-20
    published2006-11-20
    reporterlaurent gaffie
    sourcehttps://www.exploit-db.com/download/29119/
    titleEnthrallweb eClassifieds dircat.asp cid Parameter SQL Injection
  • descriptionEnthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection. CVE-2006-6208. Webapps exploit for asp platform
    idEDB-ID:29118
    last seen2016-02-03
    modified2006-11-20
    published2006-11-20
    reporterlaurent gaffie
    sourcehttps://www.exploit-db.com/download/29118/
    titleEnthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection

References