Vulnerability Details CVE-2005-3363
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.09
EPSS Ranking 92.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=113018965520240&w=2
- http://secunia.com/advisories/17308/
- http://securityreason.com/securityalert/111
- http://www.attrition.org/pipermail/vim/2005-October/000313.html
- http://www.osvdb.org/20289
- http://www.osvdb.org/20290
- http://www.securityfocus.com/archive/1/430906/30/5610/threaded
- http://www.securityfocus.com/archive/1/440120/100/0/threaded
- http://www.securityfocus.com/archive/1/472799/100/0/threaded
- http://www.securityfocus.com/bid/15185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27746
- https://www.exploit-db.com/exploits/1530
- http://marc.info/?l=bugtraq&m=113018965520240&w=2
- http://secunia.com/advisories/17308/
- http://securityreason.com/securityalert/111
- http://www.attrition.org/pipermail/vim/2005-October/000313.html
- http://www.osvdb.org/20289
- http://www.osvdb.org/20290
- http://www.securityfocus.com/archive/1/430906/30/5610/threaded
- http://www.securityfocus.com/archive/1/440120/100/0/threaded
- http://www.securityfocus.com/archive/1/472799/100/0/threaded
- http://www.securityfocus.com/bid/15185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27746
- https://www.exploit-db.com/exploits/1530
Products affected by CVE-2005-3363
-
cpe:2.3:a:saphp:saphplesson:1.1
-
cpe:2.3:a:saphp:saphplesson:2.0