CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2383

SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the user parameter in an HTTP POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112189453304389&w=2
http://newsphp.sourceforge.net/changelog/changelog_1.30.txt
http://secunia.com/advisories/16148
http://www.securityfocus.com/bid/14333
http://marc.info/?l=bugtraq&m=112189453304389&w=2
http://newsphp.sourceforge.net/changelog/changelog_1.30.txt
http://secunia.com/advisories/16148
http://www.securityfocus.com/bid/14333

Products affected by CVE-2005-2383

Phpnews » Phpnews » Version: 1.2.5

cpe:2.3:a:phpnews:phpnews:1.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2383

Products

Pricing

Contact Us