Unrated severityNVD Advisory· Published Dec 20, 2005· Updated Apr 16, 2026

CVE-2005-4408

Description

Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.

Affected products

Pc Media/Miraserver
cpe:2.3:a:pc_media:miraserver:*:*:*:*:*:*:*:*
Range: <=1.0_rc4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

pridels0.blogspot.com/2005/12/miraserver-sql-vuln.htmlnvd
secunia.com/advisories/18110nvd
www.osvdb.org/21836nvd
www.osvdb.org/21837nvd
www.osvdb.org/21838nvd
www.securityfocus.com/bid/15960nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000