CVE-2005-3545

Опубликовано: 16 нояб. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.

Ссылки

http://osvdb.org/20514
http://secunia.com/advisories/17457
Patch
Vendor Advisory
http://securityreason.com/securityalert/151
http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370
URL Repurposed
http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373
URL Repurposed
http://www.securityfocus.com/archive/1/415793
http://www.securityfocus.com/bid/15333
Exploit
http://www.vupen.com/english/advisories/2005/2334
http://osvdb.org/20514
http://secunia.com/advisories/17457
Patch
Vendor Advisory
http://securityreason.com/securityalert/151
http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370
URL Repurposed
http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373
URL Repurposed
http://www.securityfocus.com/archive/1/415793
http://www.securityfocus.com/bid/15333
Exploit
http://www.vupen.com/english/advisories/2005/2334

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibproarcade:ibproarcade:*:*:*:*:*:*:*:*

Версия до 2.5.2 (включая)

EPSS

Процентиль: 74%

0.00819

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pv44-wmq6-v4h5

github

почти 4 года назад