CVE-2005-4035

N/A Unknown

Published: December 06, 2005 Modified: April 16, 2026

Description

Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prod, and (2) brid parameters to (a) view.php; the (3) the bid parameter to (b) viewbrands.php; and the (4) grp and (5) cat parameters to index.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://pridels0.blogspot.com/2005/12/ecommerce-enterprise-edition-sql-inj.html

Source: cve@mitre.org

http://secunia.com/advisories/17881

Source: cve@mitre.org

http://www.osvdb.org/21466

Source: cve@mitre.org

http://www.osvdb.org/21467

Source: cve@mitre.org

http://www.osvdb.org/21468

Source: cve@mitre.org

http://www.securityfocus.com/bid/15707

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2005/2744

Source: cve@mitre.org

http://pridels0.blogspot.com/2005/12/ecommerce-enterprise-edition-sql-inj.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17881

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/21466

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/21467

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/21468

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15707

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2005/2744

Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.8%

73th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

web4future