Detections
Analytics

CVE-2003-0025

critical

Description

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

References

http://www.securitytracker.com/id?1005904

http://www.securityfocus.com/bid/6559

http://www.securityfocus.com/archive/1/306268

http://www.debian.org/security/2003/dsa-229

http://secunia.com/advisories/8177

http://secunia.com/advisories/8087

http://marc.info/?l=bugtraq&m=104204786206563&w=2

Details

Source: Mitre, NVD

Published: 2003-01-17

Updated: 2016-10-18

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical