Vulnerabilities > CVE-2006-6282 - HTML Injection And Directory Traversal vulnerability in Vikingboard 0.1.2

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
vikingboard
critical

Summary

members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if display_errors is enabled, but due to lack of details, even this is not clear.

Vulnerable Configurations

Part Description Count
Application
Vikingboard
1