Vulnerability Description
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) the f parameter in events.php, or (3) the e parameter in plug.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Neocrome | Land Down Under | 800 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0381.html
- http://www.g-0.org/code/ldu-adv.htmlExploitVendor AdvisoryURL Repurposed
- http://www.osvdb.org/19504Exploit
- http://www.osvdb.org/19505Exploit
- http://www.securityfocus.com/bid/14820Exploit
- http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0381.html
- http://www.g-0.org/code/ldu-adv.htmlExploitVendor AdvisoryURL Repurposed
- http://www.osvdb.org/19504Exploit
- http://www.osvdb.org/19505Exploit
- http://www.securityfocus.com/bid/14820Exploit
FAQ
What is CVE-2005-4821?
CVE-2005-4821 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) ...
How severe is CVE-2005-4821?
CVE-2005-4821 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4821?
Check the references section above for vendor advisories and patch information. Affected products include: Neocrome Land Down Under.