Lucene search

MitreCVE-2005-4656

HistoryJan 16, 2006 - 9:00 p.m.

CVE-2005-4656

2006-01-1621:00:00

mitre

web.nvd.nist.gov

sql injection

tclanportal

remote attackers

arbitrary commands

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

8.6

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.

Affected configurations

Nvd

Node

triggertgtclanportalMatch1.1.3

VendorProductVersionCPE
triggertgtclanportal1.1.3cpe:2.3:a:triggertg:tclanportal:1.1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
triggertg	tclanportal	1.1.3	cpe:2.3:a:triggertg:tclanportal:1.1.3:::::::*

References

downloads.securityfocus.com/vulnerabilities/exploits/TClanPortal_sql_inj.pl

secunia.com/advisories/17324

www.osvdb.org/20305

www.securityfocus.com/bid/15173

www.vupen.com/english/advisories/2005/2187

exchange.xforce.ibmcloud.com/vulnerabilities/22869

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

8.6

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

Related for CVE-2005-4656