Lucene search

MitreCVE-2005-4230

HistoryDec 14, 2005 - 11:03 a.m.

CVE-2005-4230

2005-12-1411:03:00

mitre

web.nvd.nist.gov

cve-2005-4230

sql injection

link up gold

remote attackers

arbitrary sql commands

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter.

Affected configurations

Nvd

Node

php_web_scriptslink_up_goldRange≤2.5

VendorProductVersionCPE
php_web_scriptslink_up_gold*cpe:2.3:a:php_web_scripts:link_up_gold:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_web_scripts	link_up_gold	*	cpe:2.3:a:php_web_scripts:link_up_gold::::::::

References

pridels0.blogspot.com/2005/12/link-up-gold-vuln.html

www.osvdb.org/21701

www.securityfocus.com/bid/15843

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

Related for CVE-2005-4230