CVE-2005-0858

Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://securitytracker.com/id?1013474	Exploit Patch
http://www.securityfocus.com/bid/12852	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/19759
https://exchange.xforce.ibmcloud.com/vulnerabilities/19761
http://securitytracker.com/id?1013474	Exploit Patch
http://www.securityfocus.com/bid/12852	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/19759
https://exchange.xforce.ibmcloud.com/vulnerabilities/19761

Configurations

Configuration 1 (hide)

cpe:2.3:a:coolforum:coolforum:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:56

Type	Values Removed	Values Added
References	~~() http://securitytracker.com/id?1013474 - Exploit, Patch~~	() http://securitytracker.com/id?1013474 - Exploit, Patch
References	~~() http://www.securityfocus.com/bid/12852 - Exploit~~	() http://www.securityfocus.com/bid/12852 - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/19759 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/19759 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/19761 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/19761 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:56

NVD link : CVE-2005-0858

Mitre link : CVE-2005-0858

CVE.ORG link : CVE-2005-0858

JSON object : View

Products Affected

coolforum

coolforum

CWE

NVD-CWE-Other

7.5 /10