CVE-2006-2793

Aspsitem < 2.0 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.

Exploits (1)

exploitdb WORKING POC

webappsasp

https://www.exploit-db.com/exploits/1845

View Code ZIP pw:eip

References (6)

[Exploit, Vendor Advisory] http://www.nukedx.com/?viewdoc=39

[Exploit, Patch, Vendor Advisory] http://secunia.com/advisories/20355

[Third Party Advisory] http://securityreason.com/securityalert/745

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/435287/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26858

[Third Party Advisory] http://securityreason.com/securityalert/1021

Scores

EPSS 0.0202

EPSS Percentile 83.8%

Details

Status published

Products (2)

aspsitem/aspsitem 1.83

aspsitem/aspsitem < 2.0

Published Jun 03, 2006

Tracked Since Feb 18, 2026