Lucene search

[email protected]CVE-2005-4055

HistoryDec 07, 2005 - 11:03 a.m.

CVE-2005-4055

2005-12-0711:03:00

[email protected]

web.nvd.nist.gov

cve

sql injection

index.php

cars portal 1.1

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

JSON

SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters.

Affected configurations

NVD

Node

cars_portalcars_portalRange≤1.1

CPENameOperatorVersion
cars_portal:cars_portalcars portalle1.1

CPE	Name	Operator	Version
cars_portal:cars_portal	cars portal	le	1.1

References

pridels0.blogspot.com/2005/12/cars-portal-v1x-sql-injection.html

secunia.com/advisories/17914

www.osvdb.org/21482

www.securityfocus.com/bid/15747

www.vupen.com/english/advisories/2005/2747

exchange.xforce.ibmcloud.com/vulnerabilities/23428

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for CVE-2005-4055

nvd1 cvelist1