CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dmanews: >> Dmanews Security Vulnerabilities

CVE-2005-3956

Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 and 0.910 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a comments action and the (2) sortorder and (3) display_num parameters in a news_list action.

CVSS Score

7.5

EPSS Score

0.003

Published

2005-12-01

Page 1

Vulnerabilities

Vulnerable Software

Dmanews: >> Dmanews Security Vulnerabilities

Products

Pricing

Contact Us