Vulnerability Description
SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bedeng Psp | Bedeng Psp | 1.1 |
References
- http://pridels0.blogspot.com/2005/11/bedengpsp-sql-inj-vuln.html
- http://secunia.com/advisories/17760 (Vendor Advisory)
- http://www.osvdb.org/21174
- http://www.osvdb.org/21175
- http://www.osvdb.org/21176
- http://www.securityfocus.com/bid/15583 (Exploit)
FAQ
What is CVE-2005-3953?
CVE-2005-3953 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.p...
How severe is CVE-2005-3953?
CVE-2005-3953 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3953?
Check the references section above for vendor advisories and patch information. Affected products include: Bedeng Psp Bedeng Psp.