Lucene search

[email protected]CVE-2003-0735

HistoryOct 20, 2003 - 4:00 a.m.

CVE-2003-0735

2003-10-2004:00:00

[email protected]

web.nvd.nist.gov

cve

2003

0735

sql injection

phpwebsite

calendar module

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.0%

JSON

SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter.

Affected configurations

NVD

Node

phpwebsitephpwebsiteRange≤0.9.0

CPENameOperatorVersion
phpwebsite:phpwebsitephpwebsitele0.9.0

CPE	Name	Operator	Version
phpwebsite:phpwebsite	phpwebsite	le	0.9.0

References

marc.info/?l=bugtraq&m=106062021711496&w=2

marc.info/?l=bugtraq&m=106252188522715&w=2

www.kb.cert.org/vuls/id/925166

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for CVE-2003-0735

cvelist1 nvd1 cert1 nessus1