Basic search

K
cveCve@mitre.orgCVE-2005-0725
HistoryMar 08, 2005 - 5:00 a.m.

CVE-2005-0725

2005-03-0805:00:00
NVD-CWE-Other
cve@mitre.org
web.nvd.nist.gov
28
cve-2005-0725
sql injection
wfsfiles.php
wf-sections 1.07
remote code execution

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.6%

SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php.

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.6%

Related for CVE-2005-0725