CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-3201

SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112872691119874&w=2
http://rgod.altervista.org/utopia113.html
http://secunia.com/advisories/17115/
http://securitytracker.com/id?1015016
http://www.osvdb.org/19942
http://www.securityfocus.com/bid/15028
http://www.utopiasoftware.net/
https://exchange.xforce.ibmcloud.com/vulnerabilities/22555
http://marc.info/?l=bugtraq&m=112872691119874&w=2
http://rgod.altervista.org/utopia113.html
http://secunia.com/advisories/17115/
http://securitytracker.com/id?1015016
http://www.osvdb.org/19942
http://www.securityfocus.com/bid/15028
http://www.utopiasoftware.net/
https://exchange.xforce.ibmcloud.com/vulnerabilities/22555

Products affected by CVE-2005-3201

Utopia Software » Utopia News Pro » Version: 1.1.1b

cpe:2.3:a:utopia_software:utopia_news_pro:1.1.1b
Utopia Software » Utopia News Pro » Version: 1.1.2

cpe:2.3:a:utopia_software:utopia_news_pro:1.1.2
Utopia Software » Utopia News Pro » Version: 1.1.3

cpe:2.3:a:utopia_software:utopia_news_pro:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-3201

Products

Pricing

Contact Us