Published: 02/05/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in (1) viewall.php and (2) category.php in paFileDB 3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter to pafiledb.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php arena pafiledb 3.0_beta_3.1
php arena pafiledb 3.1
php arena pafiledb 1.1.3
php arena pafiledb 2.1.1
php arena pafiledb 3.0

source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying datab ...

source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying dat ...

NVD-CWE-Other http://www.securityfocus.com/bid/12788 http://marc.info/?l=bugtraq&m=111065796525043&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/19688 https://nvd.nist.gov https://www.exploit-db.com/exploits/25213/

CVE-2005-0781

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect