{"api_version":"1","generated_at":"2026-07-18T02:45:08+00:00","cve":"CVE-2005-1804","urls":{"html":"https://cve.report/CVE-2005-1804","api":"https://cve.report/api/cve/CVE-2005-1804.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-1804","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-1804"},"summary":{"title":"CVE-2005-1804","description":"Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-05-29 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.npds.org/download.php?op=geninfo&did=115","name":"http://www.npds.org/download.php?op=geninfo&did=115","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1014073","name":"http://securitytracker.com/id?1014073","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"NPDS Input Validation Holes in 'glossaire' Module and Links Search Script Permit SQL Injection - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-1804","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1804","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"1804","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"net_portal_dynamic_system","cpe5":"net_portal_dynamic_system","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T22:06:57.323Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1014073","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1014073"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.npds.org/download.php?op=geninfo&did=115"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2005-06-01T04:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1014073","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1014073"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.npds.org/download.php?op=geninfo&did=115"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-1804","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1014073","refsource":"SECTRACK","url":"http://securitytracker.com/id?1014073"},{"name":"http://www.npds.org/download.php?op=geninfo&did=115","refsource":"CONFIRM","url":"http://www.npds.org/download.php?op=geninfo&did=115"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-1804","datePublished":"2005-06-01T04:00:00.000Z","dateReserved":"2005-06-01T00:00:00.000Z","dateUpdated":"2024-09-16T16:53:55.346Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-05-29 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:net_portal_dynamic_system:net_portal_dynamic_system:5.0:*:*:*:*:*:*:*","matchCriteriaId":"6772F991-5640-4282-9DC2-5EB0A35381A9"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"1804","Ordinal":"1","Title":"CVE-2005-1804","CVE":"CVE-2005-1804","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"1804","Ordinal":"1","NoteData":"Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php.","Type":"Description","Title":"CVE-2005-1804"},{"CveYear":"2005","CveId":"1804","Ordinal":"2","NoteData":"2005-06-01","Type":"Other","Title":"Published"}]}}}