CVE-2006-6152
published 2006-11-28CVE-2006-6152: Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.26%
66.0th percentile
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vspin.net | classified_system | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UPDATE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007439; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acces
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort ASCII"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007438; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acce
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state INSERT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007448; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UPDATE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007445; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UNION SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007423; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_ta
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state ASCII"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007450; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007446; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort UNION SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007435; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect UNION SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007441; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001,
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007434; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acce
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007428; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort DELETE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007437; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acce
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UPDATE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007451; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Ac
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword UPDATE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007427; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Init
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat SELECT"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007416; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_te
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007422; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Ini
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword DELETE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007425; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Ini
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat INSERT"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007418; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_te
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect ASCII"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007444; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat DELETE"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007419; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_te
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UPDATE"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007421; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_tec
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect DELETE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007443; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat UNION SELECT"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007417; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acc
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword INSERT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007424; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Ini
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order INSERT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007430; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UNION SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007429; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UPDATE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order UPDATE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007433; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Ac
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007440; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp keyword ASCII"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"keyword="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007426; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Ini
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp sort INSERT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"sort="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007436; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acce
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order DELETE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007431; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UNION SELECT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state UNION SELECT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007447; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- cat.asp cat ASCII"; flow:established,to_server; http.uri; content:"/cat.asp?"; nocase; content:"cat="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007420; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_te
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect INSERT
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp menuSelect INSERT"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"menuSelect="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007442; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state DELETE
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp state DELETE"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"state="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007449; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6152 [HIGH] ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order ASCII
ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS vSpin.net Classified System SQL Injection Attempt -- search.asp order ASCII"; flow:established,to_server; http.uri; content:"/search.asp?"; nocase; content:"order="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2006-6152; reference:url,www.securityfocus.com/bid/21190; classtype:web-application-attack; sid:2007432; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Exploit-DB
vSpin Classified System 2004 - 'cat.asp?cat' SQL Injection
exploitdb·2006-11-20
CVE-2006-6152 vSpin Classified System 2004 - 'cat.asp?cat' SQL Injection
vSpin Classified System 2004 - 'cat.asp?cat' SQL Injection
---
source: https://www.securityfocus.com/bid/21190/info
vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
http://www.example.com/cat.asp?cat='[sql]
Exploit-DB
vSpin Classified System 2004 - 'search.asp' Multiple SQL Injections
exploitdb·2006-11-20
CVE-2006-6152 vSpin Classified System 2004 - 'search.asp' Multiple SQL Injections
vSpin Classified System 2004 - 'search.asp' Multiple SQL Injections
---
source: https://www.securityfocus.com/bid/21190/info
vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
http://www.example.com/search.asp?in=y&keyword='[sql]
http://www.example.com/search.asp?in=y&keyword=1&submit=Search&order='[sql]
http://www.example.com/search.asp?in=y&keyword=1&submit=Search&order=tbl_classads.col_id&sort='[sql]
ht
No writeups or analysis indexed.
http://s-a-p.ca/index.php?page=OurAdvisories&id=47http://secunia.com/advisories/22987http://securityreason.com/securityalert/1926http://securitytracker.com/id?1017259http://www.securityfocus.com/archive/1/452179/100/100/threadedhttp://www.securityfocus.com/bid/21190https://exchange.xforce.ibmcloud.com/vulnerabilities/30444http://s-a-p.ca/index.php?page=OurAdvisories&id=47http://secunia.com/advisories/22987http://securityreason.com/securityalert/1926http://securitytracker.com/id?1017259http://www.securityfocus.com/archive/1/452179/100/100/threadedhttp://www.securityfocus.com/bid/21190https://exchange.xforce.ibmcloud.com/vulnerabilities/30444
2006-11-28
Published