Lucene search

[email protected]CVE-2005-0858

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0858

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

sql injection

coolforum

nvd

security vulnerability

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.7%

JSON

Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php.

CPENameOperatorVersion
coolforum:coolforumcoolforumle0.8

CPE	Name	Operator	Version
coolforum:coolforum	coolforum	le	0.8

References

securitytracker.com/id?1013474

www.securityfocus.com/bid/12852

exchange.xforce.ibmcloud.com/vulnerabilities/19759

exchange.xforce.ibmcloud.com/vulnerabilities/19761

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.7%

JSON

Related for CVE-2005-0858

nessus1