CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-0302

SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=110636597832556&w=2
http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19013
http://marc.info/?l=bugtraq&m=110636597832556&w=2
http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19013

Products affected by CVE-2005-0302

Comersus Open Technologies » Comersus Backoffice Lite » Version: 6.0

cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:6.0
Comersus Open Technologies » Comersus Backoffice Lite » Version: 6.1

cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0302

Products

Pricing

Contact Us