Lucene search

[email protected]CVE-2005-0935

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0935

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0935

sql injection

esmi paypal storefront

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.

Affected configurations

NVD

Node

esmipaypal_storefrontMatch1.7

CPENameOperatorVersion
esmi:paypal_storefrontesmi paypal storefronteq1.7

CPE	Name	Operator	Version
esmi:paypal_storefront	esmi paypal storefront	eq	1.7

References

marc.info/?l=bugtraq&m=111221890614271&w=2

secunia.com/advisories/14711

securitytracker.com/id?1013563

www.hackerscenter.com/Archive/view.asp?id=1774

www.osvdb.org/15057

www.osvdb.org/15058

www.securityfocus.com/bid/12903

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVE-2005-0935

nvd1 cvelist1