CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-4408

Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://pridels0.blogspot.com/2005/12/miraserver-sql-vuln.html
http://secunia.com/advisories/18110
http://www.osvdb.org/21836
http://www.osvdb.org/21837
http://www.osvdb.org/21838
http://www.securityfocus.com/bid/15960
http://pridels0.blogspot.com/2005/12/miraserver-sql-vuln.html
http://secunia.com/advisories/18110
http://www.osvdb.org/21836
http://www.osvdb.org/21837
http://www.osvdb.org/21838
http://www.securityfocus.com/bid/15960

Products affected by CVE-2005-4408

Pc Media » Miraserver » Version: Any

cpe:2.3:a:pc_media:miraserver:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4408

Products

Pricing

Contact Us