ByteOS Network

NVD Vulnerability Details :

CVE-2005-3543

Deferred

Source-cve@mitre.org

Published At-16 Nov, 2005 | 07:42

Updated At-03 Apr, 2025 | 01:03

SQL injection vulnerability in search.php in Phorum 5.0.0alpha through 5.0.20, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the forum_ids parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

phorum>>phorum>>5.0.0_alpha

cpe:2.3:a:phorum:phorum:5.0.0_alpha:*:*:*:*:*:*:*

phorum>>phorum>>5.0.1_alpha

cpe:2.3:a:phorum:phorum:5.0.1_alpha:*:*:*:*:*:*:*

phorum>>phorum>>5.0.2_alpha

cpe:2.3:a:phorum:phorum:5.0.2_alpha:*:*:*:*:*:*:*

phorum>>phorum>>5.0.3_beta

cpe:2.3:a:phorum:phorum:5.0.3_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.4_beta

cpe:2.3:a:phorum:phorum:5.0.4_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.4a_beta

cpe:2.3:a:phorum:phorum:5.0.4a_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.5_beta

cpe:2.3:a:phorum:phorum:5.0.5_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.6_beta

cpe:2.3:a:phorum:phorum:5.0.6_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.7_beta

cpe:2.3:a:phorum:phorum:5.0.7_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.7a_beta

cpe:2.3:a:phorum:phorum:5.0.7a_beta:*:*:*:*:*:*:*

phorum>>phorum>>5.0.8_rc

cpe:2.3:a:phorum:phorum:5.0.8_rc:*:*:*:*:*:*:*

phorum>>phorum>>5.0.9

cpe:2.3:a:phorum:phorum:5.0.9:*:*:*:*:*:*:*

phorum>>phorum>>5.0.10

cpe:2.3:a:phorum:phorum:5.0.10:*:*:*:*:*:*:*

phorum>>phorum>>5.0.11

cpe:2.3:a:phorum:phorum:5.0.11:*:*:*:*:*:*:*

phorum>>phorum>>5.0.12

cpe:2.3:a:phorum:phorum:5.0.12:*:*:*:*:*:*:*

phorum>>phorum>>5.0.13

cpe:2.3:a:phorum:phorum:5.0.13:*:*:*:*:*:*:*

phorum>>phorum>>5.0.13a

cpe:2.3:a:phorum:phorum:5.0.13a:*:*:*:*:*:*:*

phorum>>phorum>>5.0.14

cpe:2.3:a:phorum:phorum:5.0.14:*:*:*:*:*:*:*

phorum>>phorum>>5.0.14a

cpe:2.3:a:phorum:phorum:5.0.14a:*:*:*:*:*:*:*

phorum>>phorum>>5.0.15

cpe:2.3:a:phorum:phorum:5.0.15:*:*:*:*:*:*:*

phorum>>phorum>>5.0.16

cpe:2.3:a:phorum:phorum:5.0.16:*:*:*:*:*:*:*

phorum>>phorum>>5.0.17

cpe:2.3:a:phorum:phorum:5.0.17:*:*:*:*:*:*:*

phorum>>phorum>>5.0.18

cpe:2.3:a:phorum:phorum:5.0.18:*:*:*:*:*:*:*

phorum>>phorum>>5.0.19

cpe:2.3:a:phorum:phorum:5.0.19:*:*:*:*:*:*:*

phorum>>phorum>>5.0.20

cpe:2.3:a:phorum:phorum:5.0.20:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-89	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://marc.info/?l=bugtraq&m=113122911424216&w=2	cve@mitre.org	N/A
http://phorum.org/story.php?57	cve@mitre.org	N/A
http://secunia.com/advisories/17456	cve@mitre.org	Patch Vendor Advisory
http://securityreason.com/securityalert/153	cve@mitre.org	N/A
http://www.osvdb.org/20524	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2005/2332	cve@mitre.org	N/A
http://www.waraxe.us/advisory-43.html	cve@mitre.org	Exploit Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=113122911424216&w=2	af854a3a-2127-422b-91ae-364da2661108	N/A
http://phorum.org/story.php?57	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/17456	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://securityreason.com/securityalert/153	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/20524	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2005/2332	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.waraxe.us/advisory-43.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Patch Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History