CVE-2004-2175

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php.

Ссылки

http://secunia.com/advisories/10786/
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/352598
Exploit
Patch
http://www.securityfocus.com/bid/9574
Exploit
http://www.zone-h.org/en/advisories/read/id=3864/
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15035
http://secunia.com/advisories/10786/
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/352598
Exploit
Patch
http://www.securityfocus.com/bid/9574
Exploit
http://www.zone-h.org/en/advisories/read/id=3864/
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15035

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:all_enthusiast_inc:reviewpost_php_pro:2.5:*:*:*:*:*:*:*

cpe:2.3:a:all_enthusiast_inc:reviewpost_php_pro:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00632

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-v4x7-whxp-hr4r

github

почти 4 года назад