CVE-2006-5675
Pentaho Business Intelligence Suite - SQL Injection via MySQL Scripts
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-5675. PoCs published by antisnatchor.
AI-analyzed exploit summary This is a detailed vulnerability writeup for Pentaho <= 1.7.0.1062, describing multiple issues including reflected XSS, password field autocomplete, and session token disclosure in URLs. It provides technical details and proof-of-concept examples but does not include executable exploit code.
Description
Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
Exploits (1)
This is a detailed vulnerability writeup for Pentaho <= 1.7.0.1062, describing multiple issues including reflected XSS, password field autocomplete, and session token disclosure in URLs. It provides technical details and proof-of-concept examples but does not include executable exploit code.