CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-0946

SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=111214190111520&w=2
http://www.gulftech.org/?node=research&article_id=00065-03292005
http://www.securityfocus.com/bid/12917
http://marc.info/?l=bugtraq&m=111214190111520&w=2
http://www.gulftech.org/?node=research&article_id=00065-03292005
http://www.securityfocus.com/bid/12917

Products affected by CVE-2005-0946

Coinsoft Technologies » Phpcoin » Version: 1.2

cpe:2.3:a:coinsoft_technologies:phpcoin:1.2
Coinsoft Technologies » Phpcoin » Version: 1.2.1

cpe:2.3:a:coinsoft_technologies:phpcoin:1.2.1
Coinsoft Technologies » Phpcoin » Version: 1.2.1b

cpe:2.3:a:coinsoft_technologies:phpcoin:1.2.1b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0946

Products

Pricing

Contact Us