CVE-2005-3363

2005-10-2919:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.

References

marc.info/?l=bugtraq&m=113018965520240&w=2

secunia.com/advisories/17308/

securityreason.com/securityalert/111

www.attrition.org/pipermail/vim/2005-October/000313.html

www.osvdb.org/20289

www.osvdb.org/20290

www.securityfocus.com/archive/1/430906/30/5610/threaded

www.securityfocus.com/archive/1/440120/100/0/threaded

www.securityfocus.com/archive/1/472799/100/0/threaded

www.securityfocus.com/bid/15185

exchange.xforce.ibmcloud.com/vulnerabilities/22861

exchange.xforce.ibmcloud.com/vulnerabilities/27746

www.exploit-db.com/exploits/1530