CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-4054

SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://pridels0.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html
http://secunia.com/advisories/17911
http://www.osvdb.org/21480
http://www.securityfocus.com/bid/15746
http://www.vupen.com/english/advisories/2005/2750
http://pridels0.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html
http://secunia.com/advisories/17911
http://www.osvdb.org/21480
http://www.securityfocus.com/bid/15746
http://www.vupen.com/english/advisories/2005/2750

Products affected by CVE-2005-4054

Pluggedout » Pluggedout Blog » Version: Any

cpe:2.3:a:pluggedout:pluggedout_blog:*
Pluggedout » Pluggedout Blog » Version: 1.9.5

cpe:2.3:a:pluggedout:pluggedout_blog:1.9.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4054

Products

Pricing

Contact Us