CVE-2005-2031 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Socialmpn	Socialmpn	All versions

References

http://securitytracker.com/id?1014214Exploit
http://securitytracker.com/id?1014214Exploit

FAQ

What is CVE-2005-2031?

CVE-2005-2031 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid param...

How severe is CVE-2005-2031?

CVE-2005-2031 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2031?

Check the references section above for vendor advisories and patch information. Affected products include: Socialmpn Socialmpn.