Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Apr 16, 2026
CVE-2005-2468
CVE-2005-2468
Description
Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
Affected products
8cpe:2.3:a:mysql:eventum:1.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:mysql:eventum:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:eventum:1.5.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- lists.mysql.com/eventum-users/2072nvdPatch
- secunia.com/advisories/16304nvdPatchVendor Advisory
- securitytracker.com/idnvdExploitPatch
- www.gulftech.orgnvdExploit
- www.osvdb.org/18403nvdExploitPatch
- www.osvdb.org/18404nvdExploitPatch
- www.osvdb.org/18405nvdExploitPatch
- www.osvdb.org/18406nvdExploitPatch
- www.securityfocus.com/bid/14437nvdExploit
- marc.infonvd
- www.vupen.com/english/advisories/2005/1287nvd
News mentions
0No linked articles in our index yet.