CVE-2005-2000 in paFileDBالمعلومات

الملخص

بحسب MITRE

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

20/06/2005

إفشاء

15/06/2005

الاعتدال

تمت الموافقة

إدخال

VDB-25527

CPE

جاهز

CWE

CWE-89 (مؤكد)

استغلال

تحميل

CVSS

7.5 (NVD)

EPSS

0.00642

KEV

لا

النشاطات

منخفض جدًا

القطاع

Chemical, Finance, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2000
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2000
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2000/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!