Lucene search
MitreCVE-2005-4614HistoryJan 04, 2006 - 11:00 a.m.
CVE-2005-4614
2006-01-0411:00:00
mitre
web.nvd.nist.gov
31
cve-2005-4614
sql injection
digishop
remote attackers
arbitrary commands
installation path
cart.php
search module parameters
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.008
Percentile
81.7%
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
Affected configurations
Node
sum_effect_softwaredigishopRange≤3.1.17
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sum_effect_software | digishop | * | cpe:2.3:a:sum_effect_software:digishop:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2005-4614
2005-12-31 05:00:00
CVE-2010-4633
2010-12-30 21:00:04
cvelist
cvelist
CVE-2005-4614
2006-01-04 11:00:00
CVE-2010-4633
2010-12-30 20:00:00
prion
prion
Sql injection
2010-12-30 21:00:00
cve
cve
CVE-2010-4633
2010-12-30 21:00:04
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.008
Percentile
81.7%
Related for CVE-2005-4614