Lucene search
HistoryDec 30, 2005 - 11:03 a.m.
CVE-2005-4586
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 allow remote attackers to execute arbitrary SQL commands via the (1) sql parameter in browse.php and the (2) sid, (3) lid, (4) gid, and (5) token parameters in certain PHP scripts.
Affected configurations
Node
phpsurveyorphpsurveyorMatch0.99
Related
cve
cve
CVE-2005-4586
2005-12-30 11:03:00
nessus
nessus
PHPSurveyor Multiple SQL Injections
2006-01-03 00:00:00
openvas
openvas
PHPSurveyor sid SQL Injection Flaw
2006-03-26 00:00:00
PHPSurveyor sid SQL Injection Flaw
2006-03-26 00:00:00
cvelist
cvelist
CVE-2005-4586
2005-12-30 11:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Related for NVD:CVE-2005-4586