CVE-2005-2478

Опубликовано: 05 авг. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel.

Ссылки

http://marc.info/?l=bugtraq&m=112309780321088&w=2
http://secunia.com/advisories/16315
Patch
Vendor Advisory
http://securitytracker.com/id?1014622
http://www.osvdb.org/18517
http://www.rgod.altervista.org/silvernews.html
Exploit
http://www.securityfocus.com/bid/14466
https://exchange.xforce.ibmcloud.com/vulnerabilities/21688
http://marc.info/?l=bugtraq&m=112309780321088&w=2
http://secunia.com/advisories/16315
Patch
Vendor Advisory
http://securitytracker.com/id?1014622
http://www.osvdb.org/18517
http://www.rgod.altervista.org/silvernews.html
Exploit
http://www.securityfocus.com/bid/14466
https://exchange.xforce.ibmcloud.com/vulnerabilities/21688

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:silver-scripts:silvernews:2.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00963

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r2gv-p9pf-hg72

github

почти 4 года назад