Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/12/2005 Updated: 07/03/2011

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in the News module in Envolution allows remote malicious users to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
envolution envolution

source: wwwsecurityfocuscom/bid/15857/info Envolution is prone to multiple input validation vulnerabilities Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials They may also permit an attacker to expl ...

CWE-89 http://www.securityfocus.com/bid/15857 http://securitytracker.com/id?1015351 http://secunia.com/advisories/18069 http://www.osvdb.org/21752 http://www.vupen.com/english/advisories/2005/2927 https://nvd.nist.gov https://www.exploit-db.com/exploits/26819/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4263

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect