Lucene search

[email protected]CVE-2005-3478

HistoryNov 03, 2005 - 2:02 a.m.

CVE-2005-3478

2005-11-0302:02:00

[email protected]

web.nvd.nist.gov

cve

2005

3478

sql injection

index.php

phpcafe.net

tutorials manager

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.2%

JSON

SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

phpcafetutorial_managerMatch1.0_beta_2

CPENameOperatorVersion
phpcafe:tutorial_managerphpcafe tutorial managereq1.0_beta_2

CPE	Name	Operator	Version
phpcafe:tutorial_manager	phpcafe tutorial manager	eq	1.0_beta_2

References

www.osvdb.org/22795

www.securityfocus.com/archive/1/435206/100/0/threaded

www.securityfocus.com/bid/15244

exchange.xforce.ibmcloud.com/vulnerabilities/24604

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.2%

JSON

Related for CVE-2005-3478

cvelist1 nvd1