CVE-2006-3341 : SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp for Xoops

SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp for Xoops allows remote attackers to execute arbitrary SQL commands via the lid parameter.

Published 2006-07-03 18:05:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql Injection

Products affected by CVE-2006-3341

Myads » Myads » Version: 2.04jp
cpe:2.3:a:myads:myads:2.04jp:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-3341

EPSS FAQ

0.53%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 65 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-3341

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-3341

http://www.vupen.com/english/advisories/2006/2591
http://secunia.com/advisories/20882

Vendor Advisory
https://www.exploit-db.com/exploits/1961
http://www.securityfocus.com/bid/18718

Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/27455

Jump to

Vulnerability Details : CVE-2006-3341

Products affected by CVE-2006-3341

Exploit prediction scoring system (EPSS) score for CVE-2006-3341

CVSS scores for CVE-2006-3341

References for CVE-2006-3341