CVE-2005-3363

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

QL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.

References

Link	Resource
http://marc.info/?l=bugtraq&m=113018965520240&w=2
http://secunia.com/advisories/17308/	Vendor Advisory
http://securityreason.com/securityalert/111
http://www.attrition.org/pipermail/vim/2005-October/000313.html
http://www.osvdb.org/20289
http://www.osvdb.org/20290
http://www.securityfocus.com/archive/1/430906/30/5610/threaded
http://www.securityfocus.com/archive/1/440120/100/0/threaded
http://www.securityfocus.com/archive/1/472799/100/0/threaded
http://www.securityfocus.com/bid/15185
https://exchange.xforce.ibmcloud.com/vulnerabilities/22861
https://exchange.xforce.ibmcloud.com/vulnerabilities/27746
https://www.exploit-db.com/exploits/1530
http://marc.info/?l=bugtraq&m=113018965520240&w=2
http://secunia.com/advisories/17308/	Vendor Advisory
http://securityreason.com/securityalert/111
http://www.attrition.org/pipermail/vim/2005-October/000313.html
http://www.osvdb.org/20289
http://www.osvdb.org/20290
http://www.securityfocus.com/archive/1/430906/30/5610/threaded
http://www.securityfocus.com/archive/1/440120/100/0/threaded
http://www.securityfocus.com/archive/1/472799/100/0/threaded
http://www.securityfocus.com/bid/15185
https://exchange.xforce.ibmcloud.com/vulnerabilities/22861
https://exchange.xforce.ibmcloud.com/vulnerabilities/27746
https://www.exploit-db.com/exploits/1530

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:saphp:saphplesson:1.1:::::::*
	cpe:2.3:a:saphp:saphplesson:2.0:::::::*

History

21 Nov 2024, 00:01

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=113018965520240&w=2 -~~	() http://marc.info/?l=bugtraq&m=113018965520240&w=2 -
References	~~() http://secunia.com/advisories/17308/ - Vendor Advisory~~	() http://secunia.com/advisories/17308/ - Vendor Advisory
References	~~() http://securityreason.com/securityalert/111 -~~	() http://securityreason.com/securityalert/111 -
References	~~() http://www.attrition.org/pipermail/vim/2005-October/000313.html -~~	() http://www.attrition.org/pipermail/vim/2005-October/000313.html -
References	~~() http://www.osvdb.org/20289 -~~	() http://www.osvdb.org/20289 -
References	~~() http://www.osvdb.org/20290 -~~	() http://www.osvdb.org/20290 -
References	~~() http://www.securityfocus.com/archive/1/430906/30/5610/threaded -~~	() http://www.securityfocus.com/archive/1/430906/30/5610/threaded -
References	~~() http://www.securityfocus.com/archive/1/440120/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/440120/100/0/threaded -
References	~~() http://www.securityfocus.com/archive/1/472799/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/472799/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/15185 -~~	() http://www.securityfocus.com/bid/15185 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/22861 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/22861 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/27746 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/27746 -
References	~~() https://www.exploit-db.com/exploits/1530 -~~	() https://www.exploit-db.com/exploits/1530 -

Information

Published : 2005-10-30 14:34

Updated : 2025-04-03 01:03

NVD link : CVE-2005-3363

Mitre link : CVE-2005-3363

CVE.ORG link : CVE-2005-3363

JSON object : View

Products Affected

saphp

saphplesson

CWE

NVD-CWE-Other

7.5 /10