Lucene search

[email protected]CVE-2005-1503

HistoryMay 11, 2005 - 4:00 a.m.

CVE-2005-1503

2005-05-1104:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1503

sql injection

midicart php

shopping cart

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) searchstring parameter to search_list.php, the (2) maingroup or (3) secondgroup parameters to item_list.php, or (4) code_no parameter to item_show.php.

Affected configurations

NVD

Node

midicart_softwaremidicart_php_shopping_cart

References

marc.info/?l=bugtraq&m=111533057918993&w=2

secunia.com/advisories/15269

www.hackgen.org/advisories/hackgen-2005-004.txt

www.osvdb.org/16175

www.osvdb.org/16176

www.osvdb.org/16177

www.securityfocus.com/bid/13512

www.securityfocus.com/bid/13513

www.securityfocus.com/bid/13514

www.securityfocus.com/bid/13515

exchange.xforce.ibmcloud.com/vulnerabilities/20428

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for CVE-2005-1503

nvd1 cvelist1