7.5
CVE-2005-2987
- EPSS 1.89%
- Veröffentlicht 20.09.2005 00:03:00
- Zuletzt bearbeitet 16.06.2026 22:16:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in login.php in Digital Scribe 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Digital Scribe ≫ Digital Scribe Version1.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.89% | 0.768 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=112680124115325&w=2
http://rgod.altervista.org/dscribe14.html
http://secunia.com/advisories/16841/
http://securityreason.com/securityalert/10
http://securitytracker.com/id?1014909
http://www.osvdb.org/19460
http://www.securityfocus.com/bid/14843
http://www.vupen.com/english/advisories/2005/1757
https://exchange.xforce.ibmcloud.com/vulnerabilities/22286