CVE-2005-0858
CVE-2005-0858 is a high-severity vulnerability in Coolforum with a CVSS 2.0 base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 2.0 base score 7.5)
- EPSS exploit prediction: 1% (65th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Coolforum
- Published:
- Last modified:
Description
Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php.
Frequently asked questions
- What is CVE-2005-0858?
- Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php.
- How severe is CVE-2005-0858?
- CVE-2005-0858 has a CVSS 2.0 base score of 7.5, rated high severity.
- Is CVE-2005-0858 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (65th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2005-0858?
- CVE-2005-0858 affects Coolforum. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2005-0858?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2005-0858 published?
- CVE-2005-0858 was published on 2005-05-02 and last updated on 2026-06-16.
References
- http://securitytracker.com/id?1013474
- http://www.securityfocus.com/bid/12852
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19761
Affected products (1)
- cpe:2.3:a:coolforum:coolforum:*:*:*:*:*:*:*:*
More vulnerabilities in Coolforum
- CVE-2005-0855 — Critical (CVSS 10.0): CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via direct requests to…
- CVE-2006-2867 — High (CVSS 7.5): SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute…
- CVE-2005-0856 — High (CVSS 7.5): CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1)…
- CVE-2002-1515 — Medium (CVSS 5.0): Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files…
- CVE-2005-0857 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0.8 and earlier allows remote attackers to inject…