Lucene search

[email protected]CVE-2005-3395

HistoryNov 01, 2005 - 12:47 p.m.

CVE-2005-3395

2005-11-0112:47:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3395

sql injection

invision gallery

nvd

security vulnerability

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary SQL commands via the st parameter.

CPENameOperatorVersion
invision_power_services:invision_galleryinvision power services invision galleryeq2.0.3

CPE	Name	Operator	Version
invision_power_services:invision_gallery	invision power services invision gallery	eq	2.0.3

References

secunia.com/advisories/17375

www.osvdb.org/20419

www.securityfocus.com/archive/1/415297

www.securityfocus.com/bid/15240

www.vupen.com/english/advisories/2005/2257

exchange.xforce.ibmcloud.com/vulnerabilities/22928

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2005-3395

cvelist1 nessus1