CVE-2005-3879
published 2005-11-29CVE-2005-3879: Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.99%
89.2th percentile
Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res.php, (b) refer_friend.php, and (c) report_link.php, and (2) the sbcat_id parameter in (d) showcats.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softbizscripts | resource_repository_script | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Softbiz Resource Repository Script - 'refer_friend.php?sbres_id' SQL Injection
exploitdb·2005-11-28
CVE-2005-3879 Softbiz Resource Repository Script - 'refer_friend.php?sbres_id' SQL Injection
Softbiz Resource Repository Script - 'refer_friend.php?sbres_id' SQL Injection
---
source: https://www.securityfocus.com/bid/15585/info
Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
/refer_friend.php?sbres_id=1[SQL]
Exploit-DB
Softbiz Resource Repository Script - 'showcats.php?sbcat_id' SQL Injection
exploitdb·2005-11-28
CVE-2005-3879 Softbiz Resource Repository Script - 'showcats.php?sbcat_id' SQL Injection
Softbiz Resource Repository Script - 'showcats.php?sbcat_id' SQL Injection
---
source: https://www.securityfocus.com/bid/15585/info
Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
/showcats.php?sbcat_id=[SQL]
Exploit-DB
Softbiz Resource Repository Script - 'details_res.php?sbres_id' SQL Injection
exploitdb·2005-11-28
CVE-2005-3879 Softbiz Resource Repository Script - 'details_res.php?sbres_id' SQL Injection
Softbiz Resource Repository Script - 'details_res.php?sbres_id' SQL Injection
---
source: https://www.securityfocus.com/bid/15585/info
Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
/details_res.php?sbres_id=[SQL]
Exploit-DB
Softbiz Resource Repository Script - 'report_link.php?sbres_id' SQL Injection
exploitdb·2005-11-28
CVE-2005-3879 Softbiz Resource Repository Script - 'report_link.php?sbres_id' SQL Injection
Softbiz Resource Repository Script - 'report_link.php?sbres_id' SQL Injection
---
source: https://www.securityfocus.com/bid/15585/info
Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
/report_link.php?sbres_id=1[SQL]
No writeups or analysis indexed.
http://pridels0.blogspot.com/2005/11/softbiz-resource-repository-script-sql.htmlhttp://secunia.com/advisories/17555http://www.osvdb.org/21133http://www.osvdb.org/21134http://www.osvdb.org/21135http://www.osvdb.org/21136http://www.securityfocus.com/bid/15585http://www.vupen.com/english/advisories/2005/2617https://exchange.xforce.ibmcloud.com/vulnerabilities/23208http://pridels0.blogspot.com/2005/11/softbiz-resource-repository-script-sql.htmlhttp://secunia.com/advisories/17555http://www.osvdb.org/21133http://www.osvdb.org/21134http://www.osvdb.org/21135http://www.osvdb.org/21136http://www.securityfocus.com/bid/15585http://www.vupen.com/english/advisories/2005/2617https://exchange.xforce.ibmcloud.com/vulnerabilities/23208
2005-11-29
Published