CVE-2005-1364

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp.

Ссылки

http://digitalparadox.org/advisories/metabid.txt
Exploit
http://marc.info/?l=bugtraq&m=111454192928364&w=2
http://secunia.com/advisories/15136
Vendor Advisory
http://www.osvdb.org/15868
http://www.osvdb.org/15869
http://www.securityfocus.com/bid/13395
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20286
http://digitalparadox.org/advisories/metabid.txt
Exploit
http://marc.info/?l=bugtraq&m=111454192928364&w=2
http://secunia.com/advisories/15136
Vendor Advisory
http://www.osvdb.org/15868
http://www.osvdb.org/15869
http://www.securityfocus.com/bid/13395
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20286

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:metalinks:metabid_auctions:*:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01042

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pfgv-2vg5-fx89

github

почти 4 года назад