Lucene search

[email protected]CVE-2005-4743

HistoryMar 19, 2006 - 11:00 p.m.

CVE-2005-4743

2006-03-1923:00:00

[email protected]

web.nvd.nist.gov

sql injection

index.php

nelogic nephp publisher 4.5.2

remote attackers

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.9 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.3%

JSON

Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp Publisher 4.5.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) nnet_catid parameters.

Affected configurations

NVD

Node

nelogic_technologiesnephp_publisherRange≤4.5.2

CPENameOperatorVersion
nelogic_technologies:nephp_publishernelogic technologies nephp publisherle4.5.2

CPE	Name	Operator	Version
nelogic_technologies:nephp_publisher	nelogic technologies nephp publisher	le	4.5.2

References

pridels0.blogspot.com/2005/11/nephp-publisher-v45x-sql-inj-vuln.html

secunia.com/advisories/17772

www.osvdb.org/21196

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.9 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for CVE-2005-4743

nvd1 cvelist1