Vulnerabilities > CVE-2005-2637 - Unspecified vulnerability in PHPfreenews

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpfreenews

exploit available

NVD

Published: 2005-08-23

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Match or (2) CatID parameter to SearchResults.php, or (3) the password to AccessControl.php.

Vulnerable Configurations

Part	Description	Count
Application	Phpfreenews Phpfreenews Phpfreenews *	1

Exploit-Db

description	PHPFreeNews 1.40 SearchResults.PHP Multiple SQL Injection Vulnerabilities. CVE-2005-2637. Webapps exploit for php platform
id	EDB-ID:26159
last seen	2016-02-03
modified	2005-08-17
published	2005-08-17
reporter	h4cky
source	https://www.exploit-db.com/download/26159/
title	PHPFreeNews 1.40 - SearchResults.PHP Multiple SQL Injection Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References