High Published: Dec 31, 2002 Modified: Apr 03, 2025

CVE-2002-2277

7.5 CVSS Score High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Export CVE-2002-2277 Data:

Link copied!

Description

SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Confidentiality P

Integrity P

Availability P

Affected Software Configurations

a portail_web_php portail_web_php 0.99 * * * * * * *

Weaknesses (CWE)

CWE-89

References & External Links

http://archives.neohapsis.com/archives/bugtraq/2002-11/0359.html
http://www.securityfocus.com/bid/6273
https://exchange.xforce.ibmcloud.com/vulnerabilities/10735
http://archives.neohapsis.com/archives/bugtraq/2002-11/0359.html
http://www.securityfocus.com/bid/6273
https://exchange.xforce.ibmcloud.com/vulnerabilities/10735

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Dec 20, 2007 20:13 Initial Analysis

Jul 29, 2017 01:29 CVE Modified

May 14, 2024 01:22 CVE Modified

Nov 20, 2024 23:43 CVE Modified

← Back to CVE Tracker