CVE-2006-3283

{"id": "CVE-2006-3283", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-06-28T22:05:00.000", "references": [{"url": "http://securityreason.com/securityalert/1164", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/438160/100/100/threaded", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27342", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the (1) pid parameter in picture.php, (2) mid parameter in mem.php, and the (3) sex and (4) relationship parameters in search.php."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en Dating Agent PRO v4.7.1 permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s (1)del par\u00e1metro pid en picture.php, (2) el par\u00e1metro mid en mem.php, y los par\u00e1metros (3) sex y (4) relationship en search.php."}], "lastModified": "2018-10-18T16:46:36.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:datetopia:dating_agent_pro:4.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D636B249-2A04-4411-8941-36F7C372FAD3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}