CVE-2005-1161

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp.

Ссылки

http://marc.info/?l=bugtraq&m=111352017704126&w=2
http://secunia.com/advisories/14969
Patch
http://securitytracker.com/id?1013720
Exploit
http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab
URL Repurposed
http://www.osvdb.org/15518
http://www.osvdb.org/15519
http://www.osvdb.org/15520
http://www.securityfocus.com/bid/13181
Exploit
Patch
http://www.securityfocus.com/bid/13182
Exploit
Patch
http://www.securityfocus.com/bid/13183
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20097
http://marc.info/?l=bugtraq&m=111352017704126&w=2
http://secunia.com/advisories/14969
Patch
http://securitytracker.com/id?1013720
Exploit
http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab
URL Repurposed
http://www.osvdb.org/15518
http://www.osvdb.org/15519
http://www.osvdb.org/15520
http://www.securityfocus.com/bid/13181
Exploit
Patch
http://www.securityfocus.com/bid/13182
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oneworldstore:oneworldstore:*:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03779

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m25r-hxgq-cjch

github

почти 4 года назад