Vulnerabilities > CVE-2005-3199 - SQL Injection vulnerability in AspReady FAQ Manager

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

aspready-faq-manager

NVD

Published: 2005-10-14

Updated: 2017-07-11

Summary

Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.

Vulnerable Configurations

Part	Description	Count
Application	Aspready_Faq_Manager Aspready FAQ Manager Aspready FAQ Manager *	1

References

http://marc.info/?l=bugtraq&m=112861875408315&w=2
http://secunia.com/advisories/17091/
http://securityreason.com/securityalert/52
http://securitytracker.com/id?1015015
http://www.osvdb.org/19917
http://www.securityfocus.com/bid/15022
https://exchange.xforce.ibmcloud.com/vulnerabilities/22538