CyberSec.Space Logo
Back to CVE Browser

CVE-2005-2284

HIGH
7.5
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile26.57th
PublishedJul 18, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack vectors.

Affected Platforms (CPE)

πŸ“¦
Esi Products

Webeoc

<= 6.0.1

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/372797
πŸ”— http://www.kb.cert.org/vuls/id/JGEI-6C8Q27
πŸ”— http://www.kb.cert.org/vuls/id/372797
πŸ”— http://www.kb.cert.org/vuls/id/JGEI-6C8Q27

Related Vulnerabilities

CVE-2005-228610.0

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct requ...

CVE-2005-22817.5

WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords.

CVE-2005-40295.0

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could...

CVE-2005-22855.0

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remot...