CVE-2005-1364

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-1364
Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://digitalparadox.org/advisories/metabid.txt Exploit
http://marc.info/?l=bugtraq&m=111454192928364&w=2
http://secunia.com/advisories/15136 Vendor Advisory
http://www.osvdb.org/15868
http://www.osvdb.org/15869
http://www.securityfocus.com/bid/13395 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20286
http://digitalparadox.org/advisories/metabid.txt Exploit
http://marc.info/?l=bugtraq&m=111454192928364&w=2
http://secunia.com/advisories/15136 Vendor Advisory
http://www.osvdb.org/15868
http://www.osvdb.org/15869
http://www.securityfocus.com/bid/13395 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20286
Configurations

Configuration 1 (hide)

cpe:2.3:a:metalinks:metabid_auctions:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:57

Type Values Removed Values Added
References () http://digitalparadox.org/advisories/metabid.txt - Exploit () http://digitalparadox.org/advisories/metabid.txt - Exploit
References () http://marc.info/?l=bugtraq&m=111454192928364&w=2 - () http://marc.info/?l=bugtraq&m=111454192928364&w=2 -
References () http://secunia.com/advisories/15136 - Vendor Advisory () http://secunia.com/advisories/15136 - Vendor Advisory
References () http://www.osvdb.org/15868 - () http://www.osvdb.org/15868 -
References () http://www.osvdb.org/15869 - () http://www.osvdb.org/15869 -
References () http://www.securityfocus.com/bid/13395 - Exploit () http://www.securityfocus.com/bid/13395 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/20286 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/20286 -
Information

Published : 2005-05-02 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2005-1364

Mitre link : CVE-2005-1364

CVE.ORG link : CVE-2005-1364

JSON object : View

Products Affected

metalinks

  • metabid_auctions
CWE
NVD-CWE-Other