CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-3159

SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112811077320676&w=2
http://www.osvdb.org/18708
http://www.s4a.cc/forum/archive/index.php/t-3585.html
http://www.securityfocus.com/bid/14489
http://marc.info/?l=bugtraq&m=112811077320676&w=2
http://www.osvdb.org/18708
http://www.s4a.cc/forum/archive/index.php/t-3585.html
http://www.securityfocus.com/bid/14489

Products affected by CVE-2005-3159

Php Fusion » Php Fusion » Version: 4.00

cpe:2.3:a:php_fusion:php_fusion:4.00
Php Fusion » Php Fusion » Version: 4.01

cpe:2.3:a:php_fusion:php_fusion:4.01
Php Fusion » Php Fusion » Version: 5.0

cpe:2.3:a:php_fusion:php_fusion:5.0
Php Fusion » Php Fusion » Version: 5.01_service_pack

cpe:2.3:a:php_fusion:php_fusion:5.01_service_pack
Php Fusion » Php Fusion » Version: 6.0.105

cpe:2.3:a:php_fusion:php_fusion:6.0.105
Php Fusion » Php Fusion » Version: 6.0.106

cpe:2.3:a:php_fusion:php_fusion:6.0.106

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-3159

Products

Pricing

Contact Us