Lucene search

[email protected]CVE-2005-3596

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3596

2005-11-1607:42:00

[email protected]

web.nvd.nist.gov

aspknowledgebase

sql injection

vulnerability

remote attackers

authentication bypass

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.3%

JSON

SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp.

Affected configurations

NVD

Node

iisworksaspknowledgebase

CPENameOperatorVersion
iisworks:aspknowledgebaseiisworks aspknowledgebaseeq*

CPE	Name	Operator	Version
iisworks:aspknowledgebase	iisworks aspknowledgebase	eq	*

References

marc.info/?l=bugtraq&m=113156859811594&w=2

osvdb.org/20712

secunia.com/advisories/17517/

www.securityfocus.com/bid/15364/

www.vupen.com/english/advisories/2005/2375

exchange.xforce.ibmcloud.com/vulnerabilities/23038

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.3%

JSON

Related for CVE-2005-3596

nvd1 cvelist1