Lucene search

[email protected]CVE-2004-2263

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2263

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2263

sql injection

fr_left.php

playsms 0.7

nvd

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON

SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie.

CPENameOperatorVersion
playsms:playsmsplaysmseq0.6
playsms:playsmsplaysmseq0.7

CPE	Name	Operator	Version
playsms:playsms	playsms	eq	0.6
playsms:playsms	playsms	eq	0.7

References

securitytracker.com/id?1010984

sourceforge.net/project/shownotes.php?release_id=254915

www.osvdb.org/8984

www.securiteam.com/unixfocus/5UP0F2ADPS.html

www.securityfocus.com/bid/10970

exchange.xforce.ibmcloud.com/vulnerabilities/17031

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-2004-2263

openvas1