7.5
CVE-2005-3951
- EPSS 1.21%
- Veröffentlicht 01.12.2005 06:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in survey.php in PHP Labs Survey Wizard allows remote attackers to execute arbitrary SQL commands via the sid parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.21% | 0.645 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://pridels0.blogspot.com/2005/11/survey-wizard-sid-sql-injection-vuln.html
http://secunia.com/advisories/17686
http://www.osvdb.org/21104
http://www.vupen.com/english/advisories/2005/2553