Vulnerability Details : CVE-2005-1673
Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php.
Vulnerability category: Sql Injection
Exploit prediction scoring system (EPSS) score for CVE-2005-1673
Probability of exploitation activity in the next 30 days: 0.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 45 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-1673
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-1673
-
http://www.securityfocus.com/archive/1/398457/2005-05-15/2005-05-21/0
Exploit;Patch;Vendor Advisory
Products affected by CVE-2005-1673
- cpe:2.3:a:ubertec:help_center_live:*:*:*:*:*:*:*:*