CVE-2005-0676 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Phpoutsourcing	Zorum	3.5

References

http://securitytracker.com/id?1013365ExploitVendor Advisory
http://securitytracker.com/id?1013365ExploitVendor Advisory

FAQ

What is CVE-2005-0676?

CVE-2005-0676 is a vulnerability with a CVSS score of 7.5 (HIGH). index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability.

How severe is CVE-2005-0676?

CVE-2005-0676 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-0676?

Check the references section above for vendor advisories and patch information. Affected products include: Phpoutsourcing Zorum.