CVE-2005-0911 : Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) th

Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.

Published 2005-03-28 05:00:00

Updated 2008-09-05 20:47:40

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql Injection

Exploit prediction scoring system (EPSS) score for CVE-2005-0911

Probability of exploitation activity in the next 30 days: 0.15%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 51 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-0911

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-0911

http://securitytracker.com/id?1013566

Vendor Advisory

CVEs referencing this url

Products affected by CVE-2005-0911

E-xoops » E-xoops
cpe:2.3:a:e-xoops:e-xoops:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-0911

Exploit prediction scoring system (EPSS) score for CVE-2005-0911

CVSS scores for CVE-2005-0911

References for CVE-2005-0911

Products affected by CVE-2005-0911