Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3844

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3844
Last Modified 07 Mar 2011 09:27:15
Published 26 Nov 2005 05:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3844

Summary

SQL injection vulnerability in phpWordPress PHP News and Article Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) poll and (2) category parameters to index.php, and (3) the ctg parameter in an archive action.

Vulnerable Systems

Application

  • Phpwordpress Php News And Article Manager 3.0


References

VUPEN - ADV-2005-2594

SECUNIA - 17733

BID - 15582

OSVDB - 21110

MISC - http://pridels0.blogspot.com/2005/11/phpwordpress-30-sql-inj.html

CONFIRM - http://forum.word-press.net/index.php?&showtopic=76&st=0&#entry181


Last Updated: 27 May 2016 10:41:04