Lucene search
HistoryDec 30, 2005 - 11:03 a.m.
CVE-2005-4586
cve
sql injection
phpsurveyor
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 allow remote attackers to execute arbitrary SQL commands via the (1) sql parameter in browse.php and the (2) sid, (3) lid, (4) gid, and (5) token parameters in certain PHP scripts.
Affected configurations
Node
phpsurveyorphpsurveyorMatch0.99
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpsurveyor:phpsurveyor | phpsurveyor | eq | 0.99 |
Related
openvas
openvas
PHPSurveyor sid SQL Injection Flaw
2006-03-26 00:00:00
PHPSurveyor sid SQL Injection Flaw
2006-03-26 00:00:00
nessus
nessus
PHPSurveyor Multiple SQL Injections
2006-01-03 00:00:00
cvelist
cvelist
CVE-2005-4586
2005-12-30 11:00:00
nvd
nvd
CVE-2005-4586
2005-12-30 11:03:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Related for CVE-2005-4586