CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-1875

HIGH
7.5
CVSS Severity Score
EPSS Score0.1900%
EPSS Percentile24.59th
Published2005年6月2日
Last Modified2026年4月16日

Vulnerability Description

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.

Affected Platforms (CPE)

📦
Exhibit Engine

Exhibit Engine

= 1.22
📦
Exhibit Engine

Exhibit Engine

= 1.54_rc4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111773894525119&w=2
🔗 http://photography-on-the.net/forum/showthread.php?p=579692
🔗 http://secunia.com/advisories/15583
🔗 http://www.osvdb.org/17006
🔗 http://www.securityfocus.com/bid/13844
🔗 http://marc.info/?l=bugtraq&m=111773894525119&w=2
🔗 http://photography-on-the.net/forum/showthread.php?p=579692
🔗 http://secunia.com/advisories/15583

相关漏洞威胁

CVE-2006-718310.0

PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute a...

CVE-2006-52927.5

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to exe...

CVE-2006-71846.8

Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to ex...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...