VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-nhd3-1zpa-ekfa

Essentials
Severities (35)
References (8)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-nhd3-1zpa-ekfa
Aliases	CVE-2005-4349
Summary	SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to support query execution by authenticated users, and no external attack scenario exists without an auto-login configuration. Thus it is likely that this issue will be REJECTED. However, a closely related CSRF issue has been assigned CVE-2005-4450
Status	Published
Exploitability	0.5
Weighted Severity	5.7
Risk	2.9
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3.1	6.3	http://marc.info/?l=bugtraq&m=113486637512821&w=2
ssvc	Track	http://marc.info/?l=bugtraq&m=113486637512821&w=2
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01013	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01659	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01659	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01659	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01659	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
epss	0.01659	https://api.first.org/data/v1/epss?cve=CVE-2005-4349
cvssv3.1	6.3	http://secunia.com/advisories/18113
ssvc	Track	http://secunia.com/advisories/18113
cvssv3.1	6.3	http://securityreason.com/securityalert/270
ssvc	Track	http://securityreason.com/securityalert/270
cvssv3.1	6.3	http://www.securityfocus.com/archive/1/419829/100/0/threaded
ssvc	Track	http://www.securityfocus.com/archive/1/419829/100/0/threaded
cvssv3.1	6.3	http://www.securityfocus.com/archive/1/419832/100/0/threaded
ssvc	Track	http://www.securityfocus.com/archive/1/419832/100/0/threaded
cvssv3.1	6.3	http://www.vupen.com/english/advisories/2005/2995
ssvc	Track	http://www.vupen.com/english/advisories/2005/2995

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2005-4349
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4349
18113		http://secunia.com/advisories/18113
270		http://securityreason.com/securityalert/270
2995		http://www.vupen.com/english/advisories/2005/2995
?l=bugtraq&m=113486637512821&w=2		http://marc.info/?l=bugtraq&m=113486637512821&w=2
threaded		http://www.securityfocus.com/archive/1/419829/100/0/threaded
threaded		http://www.securityfocus.com/archive/1/419832/100/0/threaded

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://marc.info/?l=bugtraq&m=113486637512821&w=2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://marc.info/?l=bugtraq&m=113486637512821&w=2

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/18113

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://secunia.com/advisories/18113

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://securityreason.com/securityalert/270

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://securityreason.com/securityalert/270

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://www.securityfocus.com/archive/1/419829/100/0/threaded

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://www.securityfocus.com/archive/1/419829/100/0/threaded

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://www.securityfocus.com/archive/1/419832/100/0/threaded

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://www.securityfocus.com/archive/1/419832/100/0/threaded

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://www.vupen.com/english/advisories/2005/2995

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/ Found at http://www.vupen.com/english/advisories/2005/2995

Exploit Prediction Scoring System (EPSS)

Percentile	0.76206
EPSS Score	0.01013
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:31:17.860299+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2005/4xxx/CVE-2005-4349.json	37.0.0