CVE-2005-3864

2005-11-2911:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.111 Low

EPSS

Percentile

95.2%

JSON

SQL injection vulnerability in index.php in SourceWell 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the cnt parameter. NOTE: various reports indicate that the affected version is 1.1.3, but as of 2005-11-29, the most recent version appears to be 1.1.2.

References

pridels0.blogspot.com/2005/11/sourcewell-sql-inj-vuln.html

secunia.com/advisories/17673

www.osvdb.org/21130

www.securityfocus.com/bid/15586

www.vupen.com/english/advisories/2005/2615