Lucene search
MitreCVE-2005-4408HistoryDec 20, 2005 - 11:03 a.m.
CVE-2005-4408
2005-12-2011:03:00
mitre
web.nvd.nist.gov
27
cve-2005-4408
sql injection
miraserver
remote attackers
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9
Confidence
Low
EPSS
0.005
Percentile
75.5%
Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.
Affected configurations
Node
pc_mediamiraserverRange≤1.0_rc4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pc_media | miraserver | * | cpe:2.3:a:pc_media:miraserver:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Miraserver 1.0 RC4 - 'article.php?cat' SQL Injection
2005-12-19 00:00:00
Miraserver 1.0 RC4 - 'newsitem.php?id' SQL Injection
2005-12-19 00:00:00
Miraserver 1.0 RC4 - 'index.php?page' SQL Injection
2005-12-19 00:00:00
nvd
nvd
CVE-2005-4408
2005-12-20 11:03:00
cvelist
cvelist
CVE-2005-4408
2005-12-20 11:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9
Confidence
Low
EPSS
0.005
Percentile
75.5%
Related for CVE-2005-4408