CVE Vulnerabilities

CVE-2005-0932

Published: May 02, 2005 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the forgotten password feature, or (3) the domain name in a package order.

Affected Software

Name Vendor Start Version End Version
Phpcoin Coinsoft_technologies 1.2.1 1.2.1
Phpcoin Coinsoft_technologies 1.2.1b 1.2.1b
Phpcoin Coinsoft_technologies 1.2 1.2

References