Lucene search

MitreCVE-2004-2192

HistoryJul 10, 2005 - 4:00 a.m.

CVE-2004-2192

2005-07-1004:00:00

mitre

web.nvd.nist.gov

cve-2004-2192

sql injection

tttadmin

settings.php

turbo traffic trader php 1.0

remote attackers

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.015

Percentile

87.1%

JSON

SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter.

Affected configurations

Nvd

Node

turbotraffictraderturbotraffictrader_phpMatch1.0

VendorProductVersionCPE
turbotraffictraderturbotraffictrader_php1.0cpe:2.3:a:turbotraffictrader:turbotraffictrader_php:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
turbotraffictrader	turbotraffictrader_php	1.0	cpe:2.3:a:turbotraffictrader:turbotraffictrader_php:1.0:::::::*

References

archives.neohapsis.com/archives/fulldisclosure/2004-10/0296.html

secunia.com/advisories/12785

securitytracker.com/id?1011609

www.osvdb.org/10639

www.securityfocus.com/bid/11358

exchange.xforce.ibmcloud.com/vulnerabilities/17676

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.015

Percentile

87.1%

JSON

Related for CVE-2004-2192