ID |
CVE-2005-3953
|
Summary |
SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 03-10-2008 - 04:41) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
03-10-2008 - 04:41 |
Published |
01-12-2005 - 06:03 |
Last modified |
03-10-2008 - 04:41 |