Lucene search

[email protected]NVD:CVE-2005-3364

HistoryOct 30, 2005 - 2:34 p.m.

CVE-2005-3364

2005-10-3014:34:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php.

Affected configurations

NVD

Node

platinumdboardgear

References

marc.info/?l=bugtraq&m=113017087231116&w=2

securityreason.com/securityalert/109

securitytracker.com/id?1015095

www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-10/0298.html

www.osvdb.org/20442

www.osvdb.org/20443

www.securityfocus.com/bid/15174

www.securityfocus.com/bid/15194

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for NVD:CVE-2005-3364

cve1 cvelist1