CVE-2005-1637

Description

Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.

Affected Software
References

Software	From	Fixed in
npds / npds	4.8	4.8.x
npds / npds	5.0	5.0.x

http://securitytracker.com/id?1013973
http://www.npds.org/article.php?sid=1258

Severity: High

CVE: CVE-2005-1637
Published: May 17, 2005
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE-2005-1637

Description

Details

CVSS v2