CVE-2005-2000 in paFileDBinformación

Resumen

por MITRE

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2005-06-20

Divulgación

2005-06-15

Moderación

aceptado

Artículo

VDB-25527

CPE

listo

CWE

CWE-89 (confirmado)

Explotación

Descargar

CVSS

7.5 (NVD)

EPSS

0.00642

KEV

Actividades

muy bajo

Sector

Insurance, Telecommunication, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2000
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2000
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2000/

◂ Anterior Visión De Conjunto Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!