CVE-2005-1029

Опубликовано: 06 апр. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp.

Ссылки

http://digitalparadox.org/advisories/aass.txt
http://marc.info/?l=bugtraq&m=111280834000432&w=2
http://secunia.com/advisories/14839
Vendor Advisory
http://www.osvdb.org/15281
http://www.osvdb.org/15282
http://www.osvdb.org/15283
http://www.securityfocus.com/bid/13032
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13034
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13035
Vendor Advisory
http://www.securitytracker.com/alerts/2005/Apr/1013649.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19977
http://digitalparadox.org/advisories/aass.txt
http://marc.info/?l=bugtraq&m=111280834000432&w=2
http://secunia.com/advisories/14839
Vendor Advisory
http://www.osvdb.org/15281
http://www.osvdb.org/15282
http://www.osvdb.org/15283
http://www.securityfocus.com/bid/13032
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13034
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13035
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:active_web_softwares:active_auction_house:7.1:*:pro:*:*:*:*:*

EPSS

Процентиль: 89%

0.04483

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-45qh-hw85-4h68

github

почти 4 года назад