Lucene search

K
cve[email protected]CVE-2005-1384
HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1384

2005-05-0304:00:00
web.nvd.nist.gov
28
cve-2005-1384
sql injection
phpcoin 1.2.2
remote attackers
security vulnerability
nvd

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.

Affected configurations

NVD
Node
coinsoft_technologiesphpcoinMatch1.2
OR
coinsoft_technologiesphpcoinMatch1.2.1
OR
coinsoft_technologiesphpcoinMatch1.2.1b

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

Related for CVE-2005-1384