Vulnerability Details CVE-2005-3408
SQL injection vulnerability in news.php in gCards version 1.43 allows remote attackers to execute arbitrary SQL commands via the limit parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/17353
- http://securitytracker.com/id?1015106
- http://www.fr33d0m.net/content-1783.html
- http://www.osvdb.org/20329
- http://www.securityfocus.com/bid/15216
- http://www.vupen.com/english/advisories/2005/2223
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22884
- http://secunia.com/advisories/17353
- http://securitytracker.com/id?1015106
- http://www.fr33d0m.net/content-1783.html
- http://www.osvdb.org/20329
- http://www.securityfocus.com/bid/15216
- http://www.vupen.com/english/advisories/2005/2223
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22884
Products affected by CVE-2005-3408
-
cpe:2.3:a:greg_neustaetter:gcards:1.43