CVE-2005-3868 in K-Searchinfo

Summary

Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/29/2005

Disclosure

11/29/2005

Moderation

VulDB entry created

Entries

1: VDB-27141

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.00632

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-3868
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3868
CVE Details	https://www.cvedetails.com/cve/CVE-2005-3868/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!