Vulnerability Details CVE-2005-1397
SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/15116
- http://sourceforge.net/project/shownotes.php?release_id=323483
- http://www.osvdb.org/15866
- http://www.securityfocus.com/bid/13405
- http://www.vupen.com/english/advisories/2005/0418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20297
- http://secunia.com/advisories/15116
- http://sourceforge.net/project/shownotes.php?release_id=323483
- http://www.osvdb.org/15866
- http://www.securityfocus.com/bid/13405
- http://www.vupen.com/english/advisories/2005/0418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20297
Products affected by CVE-2005-1397
-
cpe:2.3:a:php-calendar:php-calendar:0.1
-
cpe:2.3:a:php-calendar:php-calendar:0.10
-
cpe:2.3:a:php-calendar:php-calendar:0.2
-
cpe:2.3:a:php-calendar:php-calendar:0.3
-
cpe:2.3:a:php-calendar:php-calendar:0.4
-
cpe:2.3:a:php-calendar:php-calendar:0.5
-
cpe:2.3:a:php-calendar:php-calendar:0.6
-
cpe:2.3:a:php-calendar:php-calendar:0.7
-
cpe:2.3:a:php-calendar:php-calendar:0.8
-
cpe:2.3:a:php-calendar:php-calendar:0.9
-
cpe:2.3:a:php-calendar:php-calendar:0.9.1