Описание
Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the username.
Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the username.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4168
- http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html
- http://rgod.altervista.org/efiction2_xpl.html
- http://secunia.com/advisories/17777
- http://securitytracker.com/id?1015273
- http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555
- http://www.osvdb.org/21120
- http://www.osvdb.org/21123
- http://www.securityfocus.com/bid/15568
EPSS
Процентиль: 80%
0.0138
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the username.
EPSS
Процентиль: 80%
0.0138
Низкий