Lucene search
HistoryDec 05, 2005 - 1:03 a.m.
CVE-2005-4005
cve-2005-4005
sql injection
php-fusion
security vulnerability
remote attack
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.4%
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php.
Affected configurations
Node
php_fusionphp_fusionMatch6.00.109
| CPE | Name | Operator | Version |
|---|---|---|---|
| php_fusion:php_fusion | php fusion | eq | 6.00.109 |
Related
cvelist
cvelist
CVE-2005-4005
2005-12-05 01:00:00
CVE-2008-5335
2008-12-05 01:00:00
nvd
nvd
CVE-2005-4005
2005-12-05 01:03:00
CVE-2008-5335
2008-12-05 01:30:00
cve
cve
CVE-2008-5335
2008-12-05 01:30:00
prion
prion
Sql injection
2008-12-05 01:30:00
8.1 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.4%
Related for CVE-2005-4005