Vulnerabilities > CVE-2005-3063 - SQL Injection vulnerability in UNU Networks Mailgust 1.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | MailGust <= 1.9 (board takeover) SQL Injection Exploit. CVE-2005-3063. Webapps exploit for php platform |
| id | EDB-ID:1227 |
| last seen | 2016-01-31 |
| modified | 2005-09-24 |
| published | 2005-09-24 |
| reporter | rgod |
| source | https://www.exploit-db.com/download/1227/ |
| title | MailGust <= 1.9 board takeover SQL Injection Exploit |
Nessus
| NASL family | CGI abuses |
| NASL id | MAILGUST_SQL_INJECTION.NASL |
| description | The remote host appears to be running MailGust, a mailing list manager, newsletter distribution tool and message board. A vulnerability was identified in MailGust that could be exploited by remote attackers to execute arbitrary SQL commands provided PHP |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 19947 |
| published | 2005-10-06 |
| reporter | This script is Copyright (C) 2005-2018 Ferdy Riphagen |
| source | https://www.tenable.com/plugins/nessus/19947 |
| title | Mailgust Password Reminder email Field SQL Injection |