CVE-2005-0368

2005-02-1105:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php.

References

marc.info/?l=bugtraq&m=110803385223054&w=2

secunia.com/advisories/14142/

www.securityfocus.com/bid/12457

exchange.xforce.ibmcloud.com/vulnerabilities/19235