CVE-2005-4619 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-4619

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method.

Affected Software

Name	Vendor	Start Version	End Version
Zorum	Phpoutsourcing	3.0 (including)	3.0 (including)
Zorum	Phpoutsourcing	3.1 (including)	3.1 (including)
Zorum	Phpoutsourcing	3.2 (including)	3.2 (including)
Zorum	Phpoutsourcing	3.3 (including)	3.3 (including)
Zorum	Phpoutsourcing	3.4 (including)	3.4 (including)
Zorum	Phpoutsourcing	3.5 (including)	3.5 (including)

References

http://pridels0.blogspot.com/2005/11/zorum-forum-35-rollid-sql-inj-vuln.html
http://www.osvdb.org/21372
http://www.securityfocus.com/bid/16131
http://pridels0.blogspot.com/2005/11/zorum-forum-35-rollid-sql-inj-vuln.html
http://www.osvdb.org/21372
http://www.securityfocus.com/bid/16131