Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3845


Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3845
Last Modified 21 Aug 2013 12:48:01
Published 26 Nov 2005 05:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email and EZI will email you the patch to fix this small issue."

Vulnerable Systems


  • Ezinvoiceinc Ez Invoice Inc 2.0


XF - ezi-invoices-sql-injection(23213)

VUPEN - ADV-2005-2596

BID - 16133

OSVDB - 21369


Last Updated: 27 May 2016 10:41:04