Lucene search

[email protected]NVD:CVE-2004-2471

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2471

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors.

Affected configurations

Nvd

Node

jamesoffquoteengineMatch1.0

jamesoffquoteengineMatch1.1

VendorProductVersionCPE
jamesoffquoteengine1.0cpe:2.3:a:jamesoff:quoteengine:1.0:*:*:*:*:*:*:*
jamesoffquoteengine1.1cpe:2.3:a:jamesoff:quoteengine:1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jamesoff	quoteengine	1.0	cpe:2.3:a:jamesoff:quoteengine:1.0:::::::*
jamesoff	quoteengine	1.1	cpe:2.3:a:jamesoff:quoteengine:1.1:::::::*

References

secunia.com/advisories/11255

sourceforge.net/project/shownotes.php?release_id=227554

www.securityfocus.com/bid/10017

exchange.xforce.ibmcloud.com/vulnerabilities/15685

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Related for NVD:CVE-2004-2471

cve1 cvelist1