Lucene search

[email protected]CVE-2005-0271

HistoryFeb 10, 2005 - 5:00 a.m.

CVE-2005-0271

2005-02-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0271

sql injection

reviewpost php pro

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.3%

JSON

Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php.

Affected configurations

NVD

Node

photopostreviewpost_php_proRange≤2.5.1

photopostreviewpost_php_proMatch1.0.2

photopostreviewpost_php_proMatch2.5

CPENameOperatorVersion
photopost:reviewpost_php_prophotopost reviewpost php prole2.5.1
photopost:reviewpost_php_prophotopost reviewpost php proeq1.0.2
photopost:reviewpost_php_prophotopost reviewpost php proeq2.5

CPE	Name	Operator	Version
photopost:reviewpost_php_pro	photopost reviewpost php pro	le	2.5.1
photopost:reviewpost_php_pro	photopost reviewpost php pro	eq	1.0.2
photopost:reviewpost_php_pro	photopost reviewpost php pro	eq	2.5

References

marc.info/?l=bugtraq&m=110485682424110&w=2

secunia.com/advisories/13697/

www.gulftech.org/?node=research&article_id=00062-01022005

exchange.xforce.ibmcloud.com/vulnerabilities/18732

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.3%

JSON

Related for CVE-2005-0271

nvd1 cvelist1 exploitpack1 exploitdb1