CVE-2005-4226 - OpenCVE

Multiple "potential" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Phpwebthings	Phpwebthings

Configuration 1 [-]

cpe:2.3:a:phpwebthings:phpwebthings:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://glide.stanford.edu/yichen/research/sec.pdf
http://secunia.com/advisories/18011/
http://www.osvdb.org/21650
http://www.osvdb.org/21651
http://www.osvdb.org/21652
http://www.osvdb.org/21653
http://www.osvdb.org/21654
http://www.osvdb.org/21655
http://www.osvdb.org/21656
http://www.securityfocus.com/archive/1/419280/100/0/threaded
http://www.securityfocus.com/archive/1/419487/100/0/threaded
http://www.vupen.com/english/advisories/2005/2860
https://exchange.xforce.ibmcloud.com/vulnerabilities/23565

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-12-14T11:00:00

Updated: 2024-08-07T23:38:51.596Z

Reserved: 2005-12-14T00:00:00

Link: CVE-2005-4226

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-12-14T11:03:00.000

Modified: 2018-10-19T15:40:38.927

Link: CVE-2005-4226

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-11T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple \"potential\" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/419280/100/0/threaded"}, {"name": "21653", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21653"}, {"name": "21650", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21650"}, {"name": "ADV-2005-2860", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2860"}, {"name": "18011", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18011/"}, {"name": "21654", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21654"}, {"name": "phpwebthings-download-ref-sql-injection(23565)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23565"}, {"tags": ["x_refsource_MISC"], "url": "http://glide.stanford.edu/yichen/research/sec.pdf"}, {"name": "21651", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21651"}, {"name": "20051212 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/419487/100/0/threaded"}, {"name": "21656", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21656"}, {"name": "21655", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21655"}, {"name": "21652", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/21652"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4226", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple \"potential\" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/419280/100/0/threaded"}, {"name": "21653", "refsource": "OSVDB", "url": "http://www.osvdb.org/21653"}, {"name": "21650", "refsource": "OSVDB", "url": "http://www.osvdb.org/21650"}, {"name": "ADV-2005-2860", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2860"}, {"name": "18011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18011/"}, {"name": "21654", "refsource": "OSVDB", "url": "http://www.osvdb.org/21654"}, {"name": "phpwebthings-download-ref-sql-injection(23565)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23565"}, {"name": "http://glide.stanford.edu/yichen/research/sec.pdf", "refsource": "MISC", "url": "http://glide.stanford.edu/yichen/research/sec.pdf"}, {"name": "21651", "refsource": "OSVDB", "url": "http://www.osvdb.org/21651"}, {"name": "20051212 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/419487/100/0/threaded"}, {"name": "21656", "refsource": "OSVDB", "url": "http://www.osvdb.org/21656"}, {"name": "21655", "refsource": "OSVDB", "url": "http://www.osvdb.org/21655"}, {"name": "21652", "refsource": "OSVDB", "url": "http://www.osvdb.org/21652"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:38:51.596Z"}, "title": "CVE Program Container", "references": [{"name": "20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/419280/100/0/threaded"}, {"name": "21653", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21653"}, {"name": "21650", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21650"}, {"name": "ADV-2005-2860", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2860"}, {"name": "18011", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18011/"}, {"name": "21654", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21654"}, {"name": "phpwebthings-download-ref-sql-injection(23565)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23565"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://glide.stanford.edu/yichen/research/sec.pdf"}, {"name": "21651", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21651"}, {"name": "20051212 [PHP-CHECKER] 99 potential SQL injection vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/419487/100/0/threaded"}, {"name": "21656", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21656"}, {"name": "21655", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21655"}, {"name": "21652", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/21652"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-4226", "datePublished": "2005-12-14T11:00:00", "dateReserved": "2005-12-14T00:00:00", "dateUpdated": "2024-08-07T23:38:51.596Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpwebthings:phpwebthings:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F54F969-871D-4D1F-8D97-B5297D5A492A", "versionEndIncluding": "1.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple \"potential\" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585."}], "id": "CVE-2005-4226", "lastModified": "2018-10-19T15:40:38.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-14T11:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://glide.stanford.edu/yichen/research/sec.pdf"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18011/"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21650"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21651"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21652"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21653"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21654"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21655"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/21656"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/419280/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/419487/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2860"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23565"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}