CVE-2005-4232

SQL injection vulnerability in index.php in Jamit Job Board 2.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the vendor has disputed this issue, saying "The vulnerability is without any basis and did not actually work." CVE has not verified either the vendor or researcher statements, but the original researcher is known to make frequent mistakes when reporting SQL injection

Published: Dec 14, 2005
Updated: Nov 8, 2023
CVE: CVE-2005-4232
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
jamit / jamit_job_board	-	2.4.1.x

http://pridels0.blogspot.com/2005/12/jamit-job-board-24x-sql-inj.html
http://secunia.com/advisories/18007
http://www.attrition.org/pipermail/vim/2006-August/000972.html
http://www.osvdb.org/21687
http://www.securityfocus.com/bid/15848
http://www.vupen.com/english/advisories/2005/2879

Vulnerability Database

290,278

CVE-2005-4232