Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3937

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3937
Last Modified 09 Oct 2009 12:33:16
Published 01 Dec 2005 01:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3937

Summary

SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php.

Vulnerable Systems

Application

  • Softbiz B2b Trading Marketplace Script 1.1


References

BID - 15652

SECUNIA - 17808

OSVDB - 21255

OSVDB - 21254

OSVDB - 21253

OSVDB - 21252

MISC - http://pridels0.blogspot.com/2005/11/softbiz-b2b-trading-marketplace-script.html


Last Updated: 27 May 2016 10:41:06