Vulnerability Details : CVE-2006-7034

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.

Vulnerability category: Sql Injection

Published 2007-02-23 03:28:00

Updated 2018-10-16 16:29:20

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-7034

Probability of exploitation activity in the next 30 days: 0.21%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-7034

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-7034

Products affected by CVE-2006-7034

Super Link Exchange Script » Super Link Exchange Script » Version: 1.0
cpe:2.3:a:super_link_exchange_script:super_link_exchange_script:1.0:*:*:*:*:*:*:*
Matching versions
When used together with: Apple » Mac Os X » Version: 10.4.9
When used together with: HP » Hp-ux
When used together with: HP » Tru64 » Version: 5.1b Pk2 Bl22
When used together with: IBM » AIX
When used together with: IBM » OS2
When used together with: Linux » Linux Kernel
When used together with: Microsoft » Windows 2000
When used together with: Microsoft » Windows 2003 Server » Version: SP2
When used together with: Microsoft » Windows 95
When used together with: Microsoft » Windows 98 » Update Gold
When used together with: Microsoft » Windows 98se
When used together with: Microsoft » Windows Me
When used together with: Microsoft » Windows Nt » Version: 4.0
When used together with: Microsoft » Windows Xp » Update Gold
When used together with: Santa Cruz Operation » Sco Unix
When used together with: SUN » Solaris
When used together with: Windriver » Bsdos