Lucene search

[email protected]CVE-2005-0856

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0856

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0856

coolforum

sql injection

security vulnerability

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.9%

JSON

CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability.

CPENameOperatorVersion
coolforum:coolforumcoolforumle0.8.1_beta

CPE	Name	Operator	Version
coolforum:coolforum	coolforum	le	0.8.1_beta

References

seclists.org/lists/bugtraq/2005/Mar/0358.html

securitytracker.com/id?1013474

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.9%

JSON