Lucene search

[email protected]NVD:CVE-2003-0585

HistoryAug 18, 2003 - 4:00 a.m.

CVE-2003-0585

2003-08-1804:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.002

Percentile

55.8%

JSON

SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters.

Affected configurations

Nvd

Node

brookyestoreMatch1.0.2b

VendorProductVersionCPE
brookyestore1.0.2bcpe:2.3:a:brooky:estore:1.0.2b:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
brooky	estore	1.0.2b	cpe:2.3:a:brooky:estore:1.0.2b:::::::*

References

marc.info/?l=bugtraq&m=105845898003616&w=2

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.002

Percentile

55.8%

JSON

Related for NVD:CVE-2003-0585

cvelist1 cve1