Lucene search

[email protected]CVE-2005-4461

HistoryDec 21, 2005 - 8:03 p.m.

CVE-2005-4461

2005-12-2120:03:00

[email protected]

web.nvd.nist.gov

cve

2005

4461

sql injection

beehive forum

index.php

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_sess parameter.

Affected configurations

NVD

Node

beehive_forumbeehive_forumMatch0.1

beehive_forumbeehive_forumMatch0.1.1

beehive_forumbeehive_forumMatch0.2

beehive_forumbeehive_forumMatch0.3

beehive_forumbeehive_forumMatch0.3.1

beehive_forumbeehive_forumMatch0.4

beehive_forumbeehive_forumMatch0.5

beehive_forumbeehive_forumMatch0.6.2

beehive_forumbeehive_forumMatch0.6rc1

beehive_forumbeehive_forumMatch0.6rc2

References

cvs.sourceforge.net/viewcvs.py/beehiveforum/beehiveforum/forum/index.php?rev=1.121&view=log

kapda.ir/advisory-158.html

securityreason.com/securityalert/284

www.osvdb.org/21955

www.securityfocus.com/archive/1/419988/100/0/threaded

www.securityfocus.com/bid/16521

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2005-4461

nvd1 cvelist1