CVE-2005-3509

Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.

Published: Nov 6, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3509
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
jportal / jportal_web_portal	2.2.1	2.2.1.x
jportal / jportal_web_portal	2.3.1	2.3.1.x

http://foro.elhacker.net/index.php?topic=93436.0
http://www.security.nnov.ru/Kdocument105.html
http://www.securityfocus.com/bid/15324
http://www.vupen.com/english/advisories/2005/2310

Vulnerability Database

CVE-2005-3509