Vulnerability Description
SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| My Little Homepage | My Little Forum | 1.3 |
References
- http://marc.info/?l=bugtraq&m=112741430006983&w=2
- http://rgod.altervista.org/mylittle15_16b.htmlExploitVendor Advisory
- http://secunia.com/advisories/16913/Vendor Advisory
- http://www.securityfocus.com/bid/14908Exploit
- http://marc.info/?l=bugtraq&m=112741430006983&w=2
- http://rgod.altervista.org/mylittle15_16b.htmlExploitVendor Advisory
- http://secunia.com/advisories/16913/Vendor Advisory
- http://www.securityfocus.com/bid/14908Exploit
FAQ
What is CVE-2005-3045?
CVE-2005-3045 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.
How severe is CVE-2005-3045?
CVE-2005-3045 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3045?
Check the references section above for vendor advisories and patch information. Affected products include: My Little Homepage My Little Forum.