CVE-2005-4517
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/12/2005
Last modified:
19/10/2018
Description
SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:php_fusion:php_fusion:6.00.200:*:*:*:*:*:*:* | ||
cpe:2.3:a:php_fusion:php_fusion:6.00.206:*:*:*:*:*:*:* | ||
cpe:2.3:a:php_fusion:php_fusion:6.00.207:*:*:*:*:*:*:* | ||
cpe:2.3:a:php_fusion:php_fusion:6.00.300:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page