CVE-2005-3880

🗓️ 29 Nov 2005 11:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 37 Views🌐 WEB

Multiple SQL injection vulnerabilities in Omnistar KBase 4.

Reporter	Title	Published	Views	Family All 3
Cvelist	CVE-2005-3880	29 Nov 200511:00	–	cvelist
EUVD	EUVD-2005-3875	7 Oct 202500:30	–	euvd
NVD	CVE-2005-3880	29 Nov 200511:03	–	nvd

NVD

Node

omnistar_interactive omnistar_kbaseRange≤4.0

Source	Link
vupen	www.vupen.com/english/advisories/2005/2623
osvdb	www.osvdb.org/21204
securityfocus	www.securityfocus.com/bid/15635
secunia	www.secunia.com/advisories/17773
pridels0	www.pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html
osvdb	www.osvdb.org/21203

Parameter	Position	Path	Description	CWE
article_id	query param	users/comments.php	SQL injection vulnerability via article_id parameter in users/comments.php	CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
category_id	query param	users/kb.php	SQL injection vulnerability via category_id and id parameters in users/kb.php	CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
id	query param	users/kb.php	SQL injection vulnerability via category_id and id parameters in users/kb.php	CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

16 Jun 2026 22:17Current

9High risk

Vulners AI Score9

CVSS 27.5

EPSS0.01333

sql injection omnistar kbase security vulnerability remote attack nvd cve-2005-3880