7.5
CVE-2005-3364
- EPSS 1.55%
- Veröffentlicht 30.10.2005 14:34:00
- Zuletzt bearbeitet 16.06.2026 22:16:49
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.55% | 0.718 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=113017087231116&w=2
http://securityreason.com/securityalert/109
http://securitytracker.com/id?1015095
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-10/0298.html
http://www.osvdb.org/20442
http://www.osvdb.org/20443
http://www.securityfocus.com/bid/15174
http://www.securityfocus.com/bid/15194