Lucene search

K
cve[email protected]CVE-2005-2723
HistoryAug 30, 2005 - 11:45 a.m.

CVE-2005-2723

2005-08-3011:45:00
web.nvd.nist.gov
24
cve-2005-2723
sql injection
auth.php
pafiledb
cookies
remote attackers

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie.

Affected configurations

NVD
Node
php_arenapafiledbMatch3.1

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

Related for CVE-2005-2723