Lucene search

K
cve[email protected]CVE-2005-2466
HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-2466

2005-12-3105:00:00
NVD-CWE-Other
web.nvd.nist.gov
16
cve-2005-2466
sql injection
remote attackers
admin.php
openbook 1.2.2
security vulnerability

9.6 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.7%

Multiple SQL injection vulnerabilities in the auth_user function in admin.php in OpenBook 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.

CPENameOperatorVersion
openbook:openbookopenbookeq1.2.2

9.6 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.7%