Lucene search
HistoryJun 22, 2005 - 4:00 a.m.
CVE-2005-1250
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.929
Percentile
99.0%
SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter).
Affected configurations
Node
ipswitchwhatsupMatchprofessional_2005_sp1
Related
kaspersky
kaspersky
KLA10228 ACE vulnerability in WhatsUp Professional
2005-06-22 00:00:00
nessus
nessus
Ipswitch WhatsUp Professional Login.asp Multiple Field SQL Injection
2005-06-23 00:00:00
cvelist
cvelist
CVE-2005-1250
2005-06-22 04:00:00
exploitdb
exploitdb
Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection
2005-06-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch WhatsUp Web Interface SQL Injection (CVE-2005-1250)
2009-09-30 00:00:00
securityvulns
securityvulns
cve
cve
nvd
nvd
CVE-2005-1938
2005-06-30 04:00:00
CVE-2005-1690
2005-06-30 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.929
Percentile
99.0%
Related for NVD:CVE-2005-1250