Lucene search

[email protected]CVE-2004-2218

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2218

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2004

2218

sql injection

pmwh.php

phpmywebhosting

nvd

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter.

CPENameOperatorVersion
phpmywebhosting:phpmywebhostingphpmywebhostingle0.3.4

CPE	Name	Operator	Version
phpmywebhosting:phpmywebhosting	phpmywebhosting	le	0.3.4

References

archives.neohapsis.com/archives/bugtraq/2004-08/0207.html

archives.neohapsis.com/archives/bugtraq/2004-09/0247.html

www.osvdb.org/8976

www.securityfocus.com/bid/10942

exchange.xforce.ibmcloud.com/vulnerabilities/17005

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2004-2218

nessus1