Lucene search
MitreCVE-2005-1875HistoryJun 07, 2005 - 4:00 a.m.
CVE-2005-1875
2005-06-0704:00:00
mitre
web.nvd.nist.gov
31
cve-2005-1875
sql injection
exhibit engine
ee 1.22
list.php
remote code execution
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.004
Percentile
73.4%
Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.
Affected configurations
Node
exhibit_engineexhibit_engineMatch1.22
ORexhibit_engineexhibit_engineMatch1.54_rc4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| exhibit_engine | exhibit_engine | 1.22 | cpe:2.3:a:exhibit_engine:exhibit_engine:1.22:*:*:*:*:*:*:* |
| exhibit_engine | exhibit_engine | 1.54_rc4 | cpe:2.3:a:exhibit_engine:exhibit_engine:1.54_rc4:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2005-1875
2005-06-07 04:00:00
nessus
nessus
Exhibit Engine list.php Multiple Parameter SQL Injection
2005-06-06 00:00:00
nvd
nvd
CVE-2005-1875
2005-06-02 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.004
Percentile
73.4%
Related for CVE-2005-1875