PT-2005-4813 · Alisveristr · Alisveristr E-Commerce

B3G0K

Published

2005-12-08

Updated

2018-10-19

CVE-2005-4081

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Alisveristr E-commerce (affected versions not specified)

Description The issue concerns multiple SQL injection vulnerabilities that allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands. This is achieved via the username and password parameters in two locations: the user login and the administrator login pages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4081

Affected Products

Alisveristr E-Commerce

PT-2005-4813 · Alisveristr · Alisveristr E-Commerce

CVE-2005-4081

Related Identifiers

Affected Products

References · 7