Описание
SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.
SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23309
- http://pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html
- http://secunia.com/advisories/17806
- http://www.osvdb.org/21340
- http://www.osvdb.org/21341
- http://www.securityfocus.com/bid/15635
- http://www.vupen.com/english/advisories/2005/2641
EPSS
Процентиль: 74%
0.00816
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.
EPSS
Процентиль: 74%
0.00816
Низкий