CVE-2004-2175

critical

Description

Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15035

http://www.zone-h.org/en/advisories/read/id=3864/

http://secunia.com/advisories/10786/

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics