7.5
CVE-2005-4170
- EPSS 2.05%
- Veröffentlicht 11.12.2005 21:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Efiction Project ≫ Efiction Version1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.05% | 0.788 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html
http://rgod.altervista.org/efiction2_xpl.html
http://secunia.com/advisories/17777
http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555
http://www.securityfocus.com/bid/15568
http://securitytracker.com/id?1015273
http://www.vupen.com/english/advisories/2005/2606
https://exchange.xforce.ibmcloud.com/vulnerabilities/23373
http://www.osvdb.org/21122