Lucene search

[email protected]CVE-2005-1310

HistoryApr 23, 2005 - 4:00 a.m.

CVE-2005-1310

2005-04-2304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

bblog 0.7.4

remote attackers

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.5%

JSON

SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.

CPENameOperatorVersion
eaden_mckee:bblogeaden mckee bblogeq0.7.4

CPE	Name	Operator	Version
eaden_mckee:bblog	eaden mckee bblog	eq	0.7.4

References

securitytracker.com/id?1013811

sourceforge.net/tracker/index.php?func=detail&aid=1188735&group_id=81992&atid=564683

www.osvdb.org/15756

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.5%

JSON

Related for CVE-2005-1310

nessus1