Lucene search

[email protected]CVE-2002-1505

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1505

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

sql injection

woltlab burning board

database modification

vulnerability

remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

JSON

SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.

Affected configurations

NVD

Node

woltlabburning_boardRange≤2.0_rc1

woltlabburning_boardMatch2.0_beta_3

woltlabburning_boardMatch2.0_beta_4

woltlabburning_boardMatch2.0_beta_5

CPENameOperatorVersion
woltlab:burning_boardwoltlab burning boardle2.0_rc1
woltlab:burning_boardwoltlab burning boardeq2.0_beta_3
woltlab:burning_boardwoltlab burning boardeq2.0_beta_4
woltlab:burning_boardwoltlab burning boardeq2.0_beta_5

CPE	Name	Operator	Version
woltlab:burning_board	woltlab burning board	le	2.0_rc1
woltlab:burning_board	woltlab burning board	eq	2.0_beta_3
woltlab:burning_board	woltlab burning board	eq	2.0_beta_4
woltlab:burning_board	woltlab burning board	eq	2.0_beta_5

References

archives.neohapsis.com/archives/bugtraq/2002-09/0083.html

www.iss.net/security_center/static/10069.php

www.securityfocus.com/bid/5675

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

JSON

Related for CVE-2002-1505

cvelist1 nvd1