CVE-2006-1001

critical

Description

SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter.

References

https://www.exploit-db.com/exploits/1526

https://exchange.xforce.ibmcloud.com/vulnerabilities/24940

http://www.vupen.com/english/advisories/2006/0747

http://www.osvdb.org/23533

http://secunia.com/advisories/19048

Details

Source: Mitre, NVD

Published: 2006-03-06

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01322

Detections

Analytics