Vulnerability Details CVE-2005-4478
Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://pridels0.blogspot.com/2005/12/papoo-multiple-sql-vuln.html
- http://secunia.com/advisories/18152
- http://www.osvdb.org/21869
- http://www.osvdb.org/displayvuln.php?osvdb_id=21870
- http://www.osvdb.org/displayvuln.php?osvdb_id=21871
- http://www.securityfocus.com/bid/16020
- http://www.vupen.com/english/advisories/2005/3046
- http://pridels0.blogspot.com/2005/12/papoo-multiple-sql-vuln.html
- http://secunia.com/advisories/18152
- http://www.osvdb.org/21869
- http://www.osvdb.org/displayvuln.php?osvdb_id=21870
- http://www.osvdb.org/displayvuln.php?osvdb_id=21871
- http://www.securityfocus.com/bid/16020
- http://www.vupen.com/english/advisories/2005/3046