CVE-2005-2000 in paFileDBinformation

Résumé

par MITRE

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Réserver

20/06/2005

Divulgation

15/06/2005

Modérer

accepté

Entrée

VDB-25527

CPE

prêt

CWE

CWE-89 (confirmé)

Exploitation

Télécharger

CVSS

7.5 (NVD)

EPSS

0.00642

KEV

non

Activités

très faible

Secteur

Finance, Education, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2000
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2000
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2000/

◂ Précédent Aperçu Suivant ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!