Description
Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.
Exploits (2)
References (2)
Core 2
Core References
Patch x_refsource_confirm
http://www.npds.org/article.php?sid=1258
Exploit, Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013973
Scores
EPSS
0.0032
EPSS Percentile
54.9%
Details
Status
published
Products (2)
npds/npds
4.8
npds/npds
5.0
Published
May 17, 2005
Tracked Since
Feb 18, 2026