CVE-2005-2692

Exploit

EPSS 0.96%
Published 24.08.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply.php in the newbb plus module, or (6) the msg_id parameter to print.php in the messages module.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Runcms ≫ Runcms Version1.1

Runcms ≫ Runcms Version1.1a

Runcms ≫ Runcms Version1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.96%	0.755

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/16514

Vendor Advisory

http://www.gulftech.org/?node=research&article_id=00094-08192005

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2005-2692

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2692

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2692

EUVD