Vulnerabilities > CVE-2005-4240 - Input Validation vulnerability in VCD-DB

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

exploit available

NVD

Published: 2005-12-14

Updated: 2008-09-20

Summary

SQL injection vulnerability in search.php in VCD-db 0.98 and earlier allows remote attackers to execute arbitrary SQL commands via the by parameter.

Part	Description	Count
Application	Vcd-Db VCD DB VCD DB 0.97 VCD DB VCD DB 0.98 VCD DB VCD DB 0.961 VCD DB VCD DB 0.971 VCD DB VCD DB 0.972 VCD DB VCD DB 0.973	6

description	VCD-db 0.9x search.php by Parameter SQL Injection. CVE-2005-4240. Webapps exploit for php platform
id	EDB-ID:26795
last seen	2016-02-03
modified	2005-12-13
published	2005-12-13
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26795/
title	VCD-db 0.9x search.php by Parameter SQL Injection