Unrated severityNVD Advisory· Published Dec 5, 2005· Updated Apr 16, 2026

CVE-2005-4010

Description

SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.

Affected products

Sensation Designs/Kbase Express
cpe:2.3:a:sensation_designs:kbase_express:*:*:*:*:*:*:*:*
Range: <=1.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17806nvdVendor Advisory
pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.htmlnvd
www.osvdb.org/21340nvd
www.osvdb.org/21341nvd
www.securityfocus.com/bid/15635nvd
www.vupen.com/english/advisories/2005/2641nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23309nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000