Lucene search
HistoryDec 14, 2005 - 11:03 a.m.
CVE-2005-4218
cve-2005-4218
sql injection
forum.php
phpwebthings 1.4
remote attackers
arbitrary sql commands
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.9%
SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585.
Affected configurations
Node
phpwebthingsphpwebthingsMatch1.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpwebthings:phpwebthings | phpwebthings | eq | 1.4 |
Related
openvas
openvas
phpWebThings forum Parameter SQL Injection Vulnerabilities
2006-03-26 00:00:00
phpWebThings forum Parameter SQL Injection Vulnerabilities
2006-03-26 00:00:00
cvelist
cvelist
nvd
nvd
nessus
nessus
phpWebThings Multiple Scripts SQL Injection
2005-11-08 00:00:00
cve
cve
CVE-2005-3585
2005-11-16 07:42:00
CVE-2005-4226
2005-12-14 11:03:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.9%
Related for CVE-2005-4218