CVE-2006-3543 (GCVE-0-2006-3543)

Vulnerability from cvelistv5 – Published: 2006-07-13 00:00 – Updated: 2024-08-07 18:30 Disputed
VLAI?
Summary
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attackers to execute arbitrary SQL commands via the (1) idcat and (2) code parameters in a ketqua action in index.php; the id parameter in a (3) Attach and (4) ref action in index.php; the CODE parameter in a (5) Profile, (6) Login, and (7) Help action in index.php; and the (8) member_id parameter in coins_list.php. NOTE: the developer has disputed this issue, stating that the "CODE attribute is never present in an SQL query" and the "'ketqua' [action] and file 'coin_list.php' are not standard IPB 2.x features". It is unknown whether these vectors are associated with an independent module or modification of IPB
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/18836 vdb-entryx_refsource_BID
http://securityreason.com/securityalert/1231 third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/439145/100… mailing-listx_refsource_BUGTRAQ
http://www.osvdb.org/30084 vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/archive/1/439602/100… mailing-listx_refsource_BUGTRAQ
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:34.404Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18836",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18836"
          },
          {
            "name": "1231",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1231"
          },
          {
            "name": "20060704 Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439145/100/0/threaded"
          },
          {
            "name": "30084",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/30084"
          },
          {
            "name": "20060710 Re: Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439602/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attackers to execute arbitrary SQL commands via the (1) idcat and (2) code parameters in a ketqua action in index.php; the id parameter in a (3) Attach and (4) ref action in index.php; the CODE parameter in a (5) Profile, (6) Login, and (7) Help action in index.php; and the (8) member_id parameter in coins_list.php.  NOTE: the developer has disputed this issue, stating that the \"CODE attribute is never present in an SQL query\" and the \"\u0027ketqua\u0027 [action] and file \u0027coin_list.php\u0027 are not standard IPB 2.x features\".  It is unknown whether these vectors are associated with an independent module or modification of IPB"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18836",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18836"
        },
        {
          "name": "1231",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1231"
        },
        {
          "name": "20060704 Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439145/100/0/threaded"
        },
        {
          "name": "30084",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/30084"
        },
        {
          "name": "20060710 Re: Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439602/100/0/threaded"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED **  Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attackers to execute arbitrary SQL commands via the (1) idcat and (2) code parameters in a ketqua action in index.php; the id parameter in a (3) Attach and (4) ref action in index.php; the CODE parameter in a (5) Profile, (6) Login, and (7) Help action in index.php; and the (8) member_id parameter in coins_list.php.  NOTE: the developer has disputed this issue, stating that the \"CODE attribute is never present in an SQL query\" and the \"\u0027ketqua\u0027 [action] and file \u0027coin_list.php\u0027 are not standard IPB 2.x features\".  It is unknown whether these vectors are associated with an independent module or modification of IPB."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18836",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18836"
            },
            {
              "name": "1231",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1231"
            },
            {
              "name": "20060704 Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439145/100/0/threaded"
            },
            {
              "name": "30084",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/30084"
            },
            {
              "name": "20060710 Re: Invision Power Board \"v1.X \u0026 2.X\" SQL Injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439602/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3543",
    "datePublished": "2006-07-13T00:00:00",
    "dateReserved": "2006-07-12T00:00:00",
    "dateUpdated": "2024-08-07T18:30:34.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3543\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-13T00:05:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[{\"sourceIdentifier\":\"cve@mitre.org\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attackers to execute arbitrary SQL commands via the (1) idcat and (2) code parameters in a ketqua action in index.php; the id parameter in a (3) Attach and (4) ref action in index.php; the CODE parameter in a (5) Profile, (6) Login, and (7) Help action in index.php; and the (8) member_id parameter in coins_list.php.  NOTE: the developer has disputed this issue, stating that the \\\"CODE attribute is never present in an SQL query\\\" and the \\\"\u0027ketqua\u0027 [action] and file \u0027coin_list.php\u0027 are not standard IPB 2.x features\\\".  It is unknown whether these vectors are associated with an independent module or modification of IPB\"},{\"lang\":\"es\",\"value\":\"** IMPUGNADA ** M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Invision Power Board (IPB) 1.x y 2.x permiten a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros (1) idcat y (2) code en una acci\u00f3n ketqua de index.php; el par\u00e1metro id en una acci\u00f3n (3) Attach y (4) ref de index.php; el par\u00e1metro CODE en una acci\u00f3n (5) Profile, (6) Login, y (7) Help de index.php; y el par\u00e1metro (8) member_id de coins_list.php. NOTA: el desarrollador ha negado este problema, afirmando que \\\"el atributo CODE no est\u00e1 presente en una consulta SQL\\\" y \\\"[la acci\u00f3n] \u0027ketqua\u0027 y el archivo \u0027coin_list.php\u0027 no son funcionalidades est\u00e1ndar de IPB 2.x\\\". Se desconoce si estos vectores est\u00e1n asociados con un m\u00f3dulo independiente o una modificaci\u00f3n de IPB.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19CF6BD7-04F2-4D69-8402-EC4B637EA083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0C566E-2AC5-47A2-9246-2FBC87828690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B83740E-6C38-4BEB-84A2-6B0F01799DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29692429-A920-4BAD-9D79-D36EBE74EFB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D52AB16-A202-48B6-82C0-AD13EBCC7FCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C498DCB3-3CC7-4334-BF61-F5DA43F4B90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99A7875E-DAF0-46CD-AE30-246EB3FC6BB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2103FBA-1B72-43FC-A1ED-28F8C7DA0EE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3_final:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94FBF21B-CF52-41BB-BAF1-AF822586D28B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9AF155D-BDF6-4B5F-89BF-62CDE6FB48DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B001F3-8A6E-423D-9382-AA696D193F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDDB243-B03B-4DFE-9234-FD886EA80C50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7139AE38-8E5D-4D1D-A126-9CD10CE13E2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E24336F-BD4C-4596-8FFE-9D53AB802BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14F5777B-25A8-4D20-AD24-A639E315582F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF0C787-BDC5-4154-809A-864DA3D4769D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23A69133-FF5A-457E-823F-64920A0DB9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23C37B74-6486-46A2-AC2C-C27786ED697E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C63DDA0-9B4C-4D3E-9633-82C330753ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67ED0140-7137-4F8D-AEA1-53251D4D4273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75723F84-9989-4195-9827-E3A6DF2ABA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8BC2011-5D19-4AF2-BCCD-38A03D0175FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"232885C1-B578-4E6E-8472-FF47A17DF976\"}]}]}],\"references\":[{\"url\":\"http://securityreason.com/securityalert/1231\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/30084\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/439145/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/439602/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18836\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://securityreason.com/securityalert/1231\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/30084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/439145/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/439602/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.