CVE-2005-2031

2005-06-2104:00:00

mitre

www.cve.org

sql injection

socialmpn

remote attackers

arbitrary commands

AI Score

8.5

Confidence

Low

EPSS

0.002

Percentile

53.9%

JSON

Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php.

References

securitytracker.com/id?1014214