Описание
Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.
Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-1384
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20308
- http://digitalparadox.org/viewadvisories.ah?view=36
- http://marc.info/?l=bugtraq&m=111473522804665&w=2
- http://pridels0.blogspot.com/2006/03/phpcoin-poc.html
- http://securitytracker.com/id?1013834
- http://www.securityfocus.com/bid/13433
- http://www.vupen.com/english/advisories/2005/0423
EPSS
Процентиль: 85%
0.02448
Низкий
CVE ID
Связанные уязвимости
nvd
почти 21 год назад
Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.
EPSS
Процентиль: 85%
0.02448
Низкий