7.5
CVE-2005-4630
- EPSS 1.49%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:19:08
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clientexec ≫ Clientexec Version2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.49% | 0.708 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://pridels0.blogspot.com/2005/11/clientexec-2x-multiple-sql-inj.html
http://secunia.com/advisories/17756
http://www.ce-talk.com/showthread.php?t=653
http://www.clientexec.com/forum/showthread.php?t=8006
http://www.osvdb.org/21163
http://www.vupen.com/english/advisories/2005/2628
https://exchange.xforce.ibmcloud.com/vulnerabilities/23271