3 matches found
CVE-2005-4608
CVE-2005-4608 : Affects BugPort 1.147 (index.php). The vulnerability is a SQL injection in the parameters (1) devWherePair[0], (2) orderBy, (3) where, allowing remote attackers to execute arbitrary SQL commands. Root cause: improper handling of input parameters leading to SQL injection. Impact: d...
CVE-2005-4607
CVE-2005-4607 describes a cross-site scripting (XSS) vulnerability in BugPort’s index.php for version 1.147 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the following parameters: ids[0], action, report_id, devWherePair[1][1], and binds[0]. The connecte...
CVE-2005-4609
The CVE describes a vulnerability in BugPort, affecting index.php in version 1.147 and earlier. The underlying issue is that an invalid action parameter allows remote attackers to disclose sensitive information, including full path and system configuration. The available records do not specify af...