CVE-2005-4195 in Scout Portal Toolkitinformazioni

Riassunto

di MITRE

Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) 1.3.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the ParentId parameter in SPT--BrowseResources.php, (2) ResourceId parameter in SPT--FullRecord.php, (3) ResourceOffset parameter in SPT--Home.php, and (4) F_UserName and (5) F_Password in SPT--UserLogin.php. NOTE: it was later reported that vector 1 is also present in 1.4.0.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

13/12/2005

Moderazione

accettato

Voce

9

Collegare

mostrare

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.05497

KEV

no

Attività

molto basso

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!