{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-07T00:00:00", "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "pblguestbook-pblguestbook-sql-injection(27624)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624"}, {"name": "20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/439486/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=23"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3618", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "pblguestbook-pblguestbook-sql-injection(27624)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624"}, {"name": "20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/439486/100/0/threaded"}, {"name": "http://www.neosecurityteam.net/index.php?action=advisories&id=23", "refsource": "MISC", "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=23"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:39:53.953Z"}, "title": "CVE Program Container", "references": [{"name": "pblguestbook-pblguestbook-sql-injection(27624)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624"}, {"name": "20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/439486/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=23"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3618", "datePublished": "2006-07-14T21:00:00", "dateReserved": "2006-07-14T00:00:00", "dateUpdated": "2024-08-07T18:39:53.953Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pixelated_by_lev:pixelated_by_lev_guestbook:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0909BD7-A423-41E1-9C62-779DDFF1BEF5", "versionEndIncluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de SQL en pblguestbook.php en Pixelated By Leb (PBL) Guestbook 1.32 y anteriores permite a atacantes remotos ejecutar \u00f3rdenes SQL mediante los par\u00e1metros (1) 'name', (2) 'email', (3) 'website', (4) 'comments', (5) 'rate', y (6) 'private'"}], "id": "CVE-2006-3618", "lastModified": "2018-10-18T16:48:11.567", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-07-18T15:47:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=23"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/439486/100/0/threaded"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}