Unrated severityNVD Advisory· Published Dec 20, 2005· Updated Apr 16, 2026

CVE-2005-4382

Description

SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the (1) nodeID, (2) pageID, (3) ID, and (4) parentid parameter to index.cfm; and (5) documentFormatId parameter to document/docWindow.cfm.

Affected products

Citysoft/Community Enterprise
cpe:2.3:a:citysoft:community_enterprise:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/18145/nvdVendor Advisory
www.vupen.com/english/advisories/2005/2979nvdVendor Advisory
pridels0.blogspot.com/2005/12/community-enterprise-4x-multiple-vuln.htmlnvd
www.osvdb.org/21855nvd
www.osvdb.org/21969nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23818nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000