Lucene search

[email protected]CVE-2003-1244

HistoryNov 16, 2005 - 7:37 a.m.

CVE-2003-1244

2005-11-1607:37:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2003

1244

sql injection

phpbb

remote attackers

brute force

unauthorized access

forums

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.1%

JSON

SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.

Affected configurations

NVD

Node

phpbb_groupphpbbMatch2.0.0

phpbb_groupphpbbMatch2.0.1

phpbb_groupphpbbMatch2.0.2

CPENameOperatorVersion
phpbb_group:phpbbphpbb group phpbbeq2.0.0
phpbb_group:phpbbphpbb group phpbbeq2.0.1
phpbb_group:phpbbphpbb group phpbbeq2.0.2

CPE	Name	Operator	Version
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.0
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.1
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.2

References

archives.neohapsis.com/archives/bugtraq/2003-02/0245.html

www.iss.net/security_center/static/11376.php

www.securityfocus.com/bid/6888

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.1%

JSON

Related for CVE-2003-1244

nvd1 cvelist1