Published: 03/05/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote malicious users to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
coinsoft technologies phpcoin 1.2
coinsoft technologies phpcoin 1.2.1
coinsoft technologies phpcoin 1.2.1b

source: wwwsecurityfocuscom/bid/13433/info PHPCoin is reportedly affected by multiple SQL injection vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries Successful exploitation could result in a compromise of the application, disclosure or modific ...

source: wwwsecurityfocuscom/bid/13433/info PHPCoin is reportedly affected by multiple SQL injection vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries Successful exploitation could result in a compromise of the application, disclosure or modificat ...

NVD-CWE-Other http://digitalparadox.org/viewadvisories.ah?view=36 http://www.securityfocus.com/bid/13433 http://securitytracker.com/id?1013834 http://pridels0.blogspot.com/2006/03/phpcoin-poc.html http://www.vupen.com/english/advisories/2005/0423 http://marc.info/?l=bugtraq&m=111473522804665&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/20308 https://nvd.nist.gov https://www.exploit-db.com/exploits/25569/

CVE-2005-1384

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect