Lucene search

[email protected]CVE-2002-2176

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2176

2022-10-0316:23:49

[email protected]

web.nvd.nist.gov

cve-2002-2176

sql injection

gender mod 1.1.3

remote attackers

admin access

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.3%

JSON

SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.

Affected configurations

NVD

Node

phpbb_groupphpbbMatch2.0.0

phpbb_groupphpbbMatch2.0.1

CPENameOperatorVersion
phpbb_group:phpbbphpbb group phpbbeq2.0.0
phpbb_group:phpbbphpbb group phpbbeq2.0.1

CPE	Name	Operator	Version
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.0
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.1

References

online.securityfocus.com/archive/1/284691

www.iss.net/security_center/static/9692.php

www.securityfocus.com/bid/5342

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.3%

JSON

Related for CVE-2002-2176

nvd1 cvelist1