Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4054

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4054
Last Modified 07 Mar 2011 09:27:37
Published 07 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4054

Summary

SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter.

Vulnerable Systems

Application

  • Pluggedout Blog 1.9.4

  • Pluggedout Blog 1.9.5


References

VUPEN - ADV-2005-2750

SECUNIA - 17911

BID - 15746

OSVDB - 21480

MISC - http://pridels0.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html


Last Updated: 27 May 2016 10:41:10