CVE-2006-6927

EPSS 1.2%

Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the uname (username) and (2) pword (passwd) fields in (a) admin/default.asp; the (3) ID parameter to (b) listfull.asp or (c) printmain.asp; the (4) cat parameter to (d) listmain.asp, (e) searchoption.asp, or (f) searchmain.asp; the (5) Keyword parameter to (g) searchkey.asp; the (6) area parameter to searchmain.asp or searchoption.asp; the (7) searchin parameter to searchkey.asp; or the (8) cost1, (9) cost2, (10) acreage1, or (11) squarefeet1 parameters to searchoption.asp. NOTE: some of these details are obtained from third party information.

Affected products

n/a · n/a

public PoCs found — 7

exploitdbwww.exploit-db.com/exploits/29107unverified exploitdbwww.exploit-db.com/exploits/29108unverified exploitdbwww.exploit-db.com/exploits/29109unverified exploitdbwww.exploit-db.com/exploits/29110unverified exploitdbwww.exploit-db.com/exploits/29111unverified exploitdbwww.exploit-db.com/exploits/29112unverified exploitdbwww.exploit-db.com/exploits/29113unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/23049 http://securityreason.com/securityalert/2143 https://exchange.xforce.ibmcloud.com/vulnerabilities/30424 http://www.securityfocus.com/archive/1/452112/100/0/threaded http://www.securityfocus.com/bid/21191 http://www.vupen.com/english/advisories/2006/4630