CVE Vulnerabilities

CVE-2005-1875

Published: Jun 02, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.

Affected Software

Name Vendor Start Version End Version
Exhibit_engine Exhibit_engine 1.54_rc4 1.54_rc4
Exhibit_engine Exhibit_engine 1.22 1.22

References