CVE-2005-2035

SQL injection vulnerability in login.asp for Cool Cafe (Cool Caf?) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the password.

Published : 2005-06-16 04:00 Updated : 2019-10-10 11:19

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Cool Cafe Chat Cool Cafe Chat 1.2.1 cpe:/a:cool_cafe_chat:cool_cafe_chat:1.2.1
  1. Cool Cafe Chat (1) Search CVE
    1. Cool Cafe Chat (1) Search CVE
      1. 1.2.1

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-03-18 02:29
2005-06-16 04:00

New CVE