Vulnerability Details CVE-2004-2716
Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastCheck , and (6) R parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2004-06/0252.html
- http://secunia.com/advisories/11894
- http://securitytracker.com/id?1010515
- http://www.osvdb.org/7152
- http://www.securityfocus.com/bid/10556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16442
- http://archives.neohapsis.com/archives/bugtraq/2004-06/0252.html
- http://secunia.com/advisories/11894
- http://securitytracker.com/id?1010515
- http://www.osvdb.org/7152
- http://www.securityfocus.com/bid/10556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16442
Products affected by CVE-2004-2716
-
cpe:2.3:a:php_heaven:phpmychat:0.14.5