Lucene search
HistoryJun 22, 2005 - 4:00 a.m.
CVE-2005-1250
cve-2005-1250
sql injection
web security
ipswitch whatsup
nmconsole
login.asp
remote attack
nvd
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.963 High
EPSS
Percentile
99.5%
SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter).
| CPE | Name | Operator | Version |
|---|---|---|---|
| ipswitch:whatsup | ipswitch whatsup | eq | professional_2005_sp1 |
Related
kaspersky
kaspersky
KLA10228 ACE vulnerability in WhatsUp Professional
2005-06-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch WhatsUp Web Interface SQL Injection (CVE-2005-1250)
2009-09-30 00:00:00
securityvulns
securityvulns
nessus
nessus
Ipswitch WhatsUp Professional Login.asp Multiple Field SQL Injection
2005-06-23 00:00:00
cve
cve
CVE-2005-1690
2005-06-30 04:00:00
CVE-2005-1938
2005-06-30 04:00:00
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.963 High
EPSS
Percentile
99.5%
Related for CVE-2005-1250