Lucene search

[email protected]CVE-2005-4213

HistoryDec 14, 2005 - 11:03 a.m.

CVE-2005-4213

2005-12-1411:03:00

[email protected]

web.nvd.nist.gov

cve

2005

4213

sql injection

mod.php

phpcoin 1.2.2

remote attackers

arbitrary sql commands

phpcoinsessid cookie

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.052 Low

EPSS

Percentile

93.0%

JSON

SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie.

Affected configurations

NVD

Node

coinsoft_technologiesphpcoinMatch1.2.2

CPENameOperatorVersion
coinsoft_technologies:phpcoincoinsoft technologies phpcoineq1.2.2

CPE	Name	Operator	Version
coinsoft_technologies:phpcoin	coinsoft technologies phpcoin	eq	1.2.2

References

forums.phpcoin.com/index.php?showtopic=5469

rgod.altervista.org/phpcoin122.html

rgod.altervista.org/phpcoin_122_sql_xpl.html

secunia.com/advisories/18030

securitytracker.com/id?1015345

www.osvdb.org/21725

www.securityfocus.com/archive/1/419382/100/0/threaded

www.securityfocus.com/bid/15830

www.vupen.com/english/advisories/2005/2888

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.052 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2005-4213

cvelist1 nvd1 nessus1