{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search and (2) cate parameters to (a) list.asp, and the (3) id and cate parameters to (b) admin_ok.asp."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2006-1827", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1827"}, {"name": "25528", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25528"}, {"name": "17990", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17990"}, {"name": "25527", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25527"}, {"name": "20112", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20112"}, {"name": "azboard-list-adminok-sql-injection(26495)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26495"}, {"name": "20060515 Azboard <= 1.0 Multiple Sql Injections", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/434010/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://user.chol.com/~jyj9782/sec/azboard_advisory.txt"}, {"name": "928", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/928"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2504", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search and (2) cate parameters to (a) list.asp, and the (3) id and cate parameters to (b) admin_ok.asp."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-1827", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1827"}, {"name": "25528", "refsource": "OSVDB", "url": "http://www.osvdb.org/25528"}, {"name": "17990", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17990"}, {"name": "25527", "refsource": "OSVDB", "url": "http://www.osvdb.org/25527"}, {"name": "20112", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20112"}, {"name": "azboard-list-adminok-sql-injection(26495)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26495"}, {"name": "20060515 Azboard <= 1.0 Multiple Sql Injections", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/434010/100/0/threaded"}, {"name": "http://user.chol.com/~jyj9782/sec/azboard_advisory.txt", "refsource": "MISC", "url": "http://user.chol.com/~jyj9782/sec/azboard_advisory.txt"}, {"name": "928", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/928"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2504", "datePublished": "2006-05-22T19:00:00", "dateReserved": "2006-05-22T00:00:00", "dateUpdated": "2018-10-18T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:azboard:azboard:*:*:*:*:*:*:*:*", "matchCriteriaId": "6ECFF393-56D6-4833-AD74-8B5418D668DA", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search and (2) cate parameters to (a) list.asp, and the (3) id and cate parameters to (b) admin_ok.asp."}], "id": "CVE-2006-2504", "lastModified": "2018-10-18T16:40:26.820", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-05-22T19:02:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/20112"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/928"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://user.chol.com/~jyj9782/sec/azboard_advisory.txt"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25527"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25528"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/434010/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/17990"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/1827"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26495"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}