Lucene search

[email protected]CVE-2005-3772

HistoryNov 23, 2005 - 12:03 a.m.

CVE-2005-3772

2005-11-2300:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

security

joomla

sql injection

vulnerability

nvd

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

CPENameOperatorVersion
joomla:joomlajoomlaeq1.0
joomla:joomlajoomlaeq1.0.1
joomla:joomlajoomlaeq1.0.3
joomla:joomlajoomlaeq1.0.2

CPE	Name	Operator	Version
joomla:joomla	joomla	eq	1.0
joomla:joomla	joomla	eq	1.0.1
joomla:joomla	joomla	eq	1.0.3
joomla:joomla	joomla	eq	1.0.2

References

secunia.com/advisories/17675

www.joomla.org/content/view/499/66/

www.osvdb.org/21042

www.osvdb.org/21043

www.securityfocus.com/bid/15526

www.vupen.com/english/advisories/2005/2526

exchange.xforce.ibmcloud.com/vulnerabilities/23177

exchange.xforce.ibmcloud.com/vulnerabilities/23178

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON