Lucene search

[email protected]CVE-2005-4821

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4821

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

land down under

ldu

cve-2005-4821

security vulnerability

nvd

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.3%

JSON

Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) the f parameter in events.php, or (3) the e parameter in plug.php.

CPENameOperatorVersion
neocrome:land_down_underneocrome land down undereq801
neocrome:land_down_underneocrome land down undereq800

CPE	Name	Operator	Version
neocrome:land_down_under	neocrome land down under	eq	801
neocrome:land_down_under	neocrome land down under	eq	800

References

archives.neohapsis.com/archives/fulldisclosure/2005-09/0381.html

www.g-0.org/code/ldu-adv.html

www.osvdb.org/19504

www.osvdb.org/19505

www.securityfocus.com/bid/14820

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.3%

JSON

Related for CVE-2005-4821

cvelist1 nessus1