Vulnerabilities > CVE-2006-6399 - SQL-Injection vulnerability in Superfreaker Studios Upublisher 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
superfreaker-studios

Summary

SQL injection vulnerability in Superfreaker Studios UPublisher 1.0 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. NOTE: the provenance of this information is unknown; details are obtained from third party sources.

Vulnerable Configurations

Part Description Count
Application
Superfreaker_Studios
1