Lucene search

[email protected]CVE-2005-4230

HistoryDec 14, 2005 - 11:03 a.m.

CVE-2005-4230

2005-12-1411:03:00

[email protected]

web.nvd.nist.gov

cve-2005-4230

sql injection

link up gold

remote attackers

arbitrary sql commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.8%

JSON

SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter.

Affected configurations

NVD

Node

php_web_scriptslink_up_goldRange≤2.5

CPENameOperatorVersion
php_web_scripts:link_up_goldphp web scripts link up goldle2.5

CPE	Name	Operator	Version
php_web_scripts:link_up_gold	php web scripts link up gold	le	2.5

References

pridels0.blogspot.com/2005/12/link-up-gold-vuln.html

www.osvdb.org/21701

www.securityfocus.com/bid/15843

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.8%

JSON

Related for CVE-2005-4230

cvelist1 nvd1