Vulnerabilities > CVE-2006-6220 - SQL Injection vulnerability in Recipes Complete Website Recipes Complete Website 1.1.14

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
recipes-complete-website
exploit available
NVD
Published: 2006-12-01
Updated: 2017-10-19

Summary

Multiple SQL injection vulnerabilities in Recipes Website (Recipes Complete Website) 1.1.14 allow remote attackers to execute arbitrary SQL commands via the (1) recipeid parameter to recipe.php or the (2) categoryid parameter to list.php.

Vulnerable Configurations

Part Description Count
Application
Recipes_Complete_Website
1

Exploit-Db

descriptionRecipes Complete Website 1.1.14 Remote SQL Injection Vulnerabilities. CVE-2006-6220. Webapps exploit for php platform
fileexploits/php/webapps/2834.txt
idEDB-ID:2834
last seen2016-01-31
modified2006-11-23
platformphp
port
published2006-11-23
reporterGregStar
sourcehttps://www.exploit-db.com/download/2834/
titleRecipes Complete Website 1.1.14 - Remote SQL Injection Vulnerabilities
typewebapps

References