Lucene search

[email protected]CVE-2005-4500

HistoryDec 22, 2005 - 9:03 p.m.

CVE-2005-4500

2005-12-2221:03:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2005-4500

sql injection

musicbox 2.3

remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered.

Affected configurations

NVD

Node

musicboxmusicboxMatch2.3

CPENameOperatorVersion
musicbox:musicboxmusicboxeq2.3

CPE	Name	Operator	Version
musicbox:musicbox	musicbox	eq	2.3

References

archives.neohapsis.com/archives/bugtraq/2006-03/0515.html

secunia.com/advisories/18369

www.osvdb.org/22272

www.securityfocus.com/bid/16030

www.vupen.com/english/advisories/2006/0124

exchange.xforce.ibmcloud.com/vulnerabilities/24055

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for CVE-2005-4500

nvd2 cvelist1 cve1