Lucene search

MitreCVE-2005-3876

HistoryNov 29, 2005 - 11:03 a.m.

CVE-2005-3876

2005-11-2911:03:00

mitre

web.nvd.nist.gov

sql injection

adcbrowres.php

ad center adc2000 ng pro

security vulnerabilities

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.004

Percentile

74.9%

JSON

Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro Lite allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) lang parameters.

Affected configurations

Nvd

Node

td-systemsadc2000_ng_proMatch1.2

td-systemsadc2000_ng_pro_lite

VendorProductVersionCPE
td-systemsadc2000_ng_pro1.2cpe:2.3:a:td-systems:adc2000_ng_pro:1.2:*:*:*:*:*:*:*
td-systemsadc2000_ng_pro_lite*cpe:2.3:a:td-systems:adc2000_ng_pro_lite:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
td-systems	adc2000_ng_pro	1.2	cpe:2.3:a:td-systems:adc2000_ng_pro:1.2:::::::*
td-systems	adc2000_ng_pro_lite	*	cpe:2.3:a:td-systems:adc2000_ng_pro_lite::::::::

References

pridels0.blogspot.com/2005/11/adc2000-ng-pro-sql-inj-vuln.html

secunia.com/advisories/17744

www.osvdb.org/21131

www.securityfocus.com/bid/15595

www.vupen.com/english/advisories/2005/2613

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.004

Percentile

74.9%

JSON

Related for CVE-2005-3876