CVE-2005-2415

2005-08-0304:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.016

Percentile

87.5%

JSON

Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module.

References

marc.info/?l=bugtraq&m=112206702015439&w=2

secunia.com/advisories/16169

securitytracker.com/id?1014554

www.hardened-php.net/advisory_112005.59.html

www.osvdb.org/18166

www.osvdb.org/18167

www.securityfocus.com/bid/14352

exchange.xforce.ibmcloud.com/vulnerabilities/21482