7.5
CVE-2005-3941
- EPSS 1.35%
- Veröffentlicht 01.12.2005 06:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:55
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Greywyvern ≫ Orca Blog Version <= 1.3b
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.35% | 0.679 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://pridels0.blogspot.com/2005/11/orca-blog-sql-inj-vuln.html
http://secunia.com/advisories/17804
http://www.greywyvern.com/orca#blog
http://www.osvdb.org/21199
http://www.securityfocus.com/bid/15638
http://www.vupen.com/english/advisories/2005/2656