CVE-2004-2042

Опубликовано: 29 мая 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.php.

Ссылки

http://marc.info/?l=bugtraq&m=108588043007224&w=2
http://marc.info/?l=full-disclosure&m=108586723116427&w=2
http://secunia.com/advisories/11740
Patch
Vendor Advisory
http://www.osvdb.org/6531
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/6532
Exploit
Tool Signature
Vendor Advisory
http://www.osvdb.org/6533
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/10436
Exploit
Patch
Vendor Advisory
http://www.waraxe.us/index.php?modname=sa&id=31
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16283
http://marc.info/?l=bugtraq&m=108588043007224&w=2
http://marc.info/?l=full-disclosure&m=108586723116427&w=2
http://secunia.com/advisories/11740
Patch
Vendor Advisory
http://www.osvdb.org/6531
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/6532
Exploit
Tool Signature
Vendor Advisory
http://www.osvdb.org/6533
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/10436
Exploit
Patch
Vendor Advisory
http://www.waraxe.us/index.php?modname=sa&id=31
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16283

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03255

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-57gf-375c-cgqp

github

почти 4 года назад