Lucene search

[email protected]CVE-2005-1779

HistoryMay 31, 2005 - 4:00 a.m.

CVE-2005-1779

2005-05-3104:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1779

sql injection

maxwebportal

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

JSON

SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.

Affected configurations

NVD

Node

maxwebportalmaxwebportalMatch1.35

maxwebportalmaxwebportalMatch1.36

maxwebportalmaxwebportalMatch2.0

maxwebportalmaxwebportalMatch2005-04-18

CPENameOperatorVersion
maxwebportal:maxwebportalmaxwebportaleq1.35
maxwebportal:maxwebportalmaxwebportaleq1.36
maxwebportal:maxwebportalmaxwebportaleq2.0
maxwebportal:maxwebportalmaxwebportaleq2005-04-18

CPE	Name	Operator	Version
maxwebportal:maxwebportal	maxwebportal	eq	1.35
maxwebportal:maxwebportal	maxwebportal	eq	1.36
maxwebportal:maxwebportal	maxwebportal	eq	2.0
maxwebportal:maxwebportal	maxwebportal	eq	2005-04-18

References

secunia.com/advisories/15511

securitytracker.com/id?1014048

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

JSON

Related for CVE-2005-1779

nvd1 cvelist1 nessus1