Vulnerabilities > CVE-2005-3681 - Unspecified vulnerability in Xoops Wf-Downloads 2.05

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

xoops

exploit available

NVD

Published: 2005-11-18

Updated: 2016-10-18

Summary

SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter.

Vulnerable Configurations

Part	Description	Count
Application	Xoops Xoops WF Downloads 2.05	1

Exploit-Db

description	XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit. CVE-2005-3681. Webapps exploit for php platform
id	EDB-ID:1315
last seen	2016-01-31
modified	2005-11-12
published	2005-11-12
reporter	rgod
source	https://www.exploit-db.com/download/1315/
title	XOOPS wfdownloads 2.05 Module Multiple Vulnerabilities Exploit

References

http://marc.info/?l=bugtraq&m=113199244824660&w=2
http://secunia.com/advisories/17575
http://www.osvdb.org/20852
http://www.securityfocus.com/bid/15406/
http://www.vupen.com/english/advisories/2005/2425