Published: 17/05/2005 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote malicious users to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
npds npds 5.0
npds npds 4.8

source: wwwsecurityfocuscom/bid/13649/info NPDS is prone to an SQL injection vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an ...

source: wwwsecurityfocuscom/bid/13649/info NPDS is prone to an SQL injection vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an att ...

NVD-CWE-Other http://www.npds.org/article.php?sid=1258 http://securitytracker.com/id?1013973 https://nvd.nist.gov https://www.exploit-db.com/exploits/25672/

CVE-2005-1637

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect