Lucene search

K
cve[email protected]CVE-2005-1384
HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1384

2005-05-0304:00:00
web.nvd.nist.gov
28
cve-2005-1384
sql injection
phpcoin 1.2.2
remote attackers
security vulnerability
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.

Affected configurations

NVD
Node
coinsoft_technologiesphpcoinMatch1.2
OR
coinsoft_technologiesphpcoinMatch1.2.1
OR
coinsoft_technologiesphpcoinMatch1.2.1b

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

Related for CVE-2005-1384