Lucene search

[email protected]CVE-2004-1406

HistoryFeb 12, 2005 - 5:00 a.m.

CVE-2004-1406

2005-02-1205:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1406

sql injection

ikonboard.cgi

ikonboard 3.1.0

ikonboard 3.1.3

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.4%

JSON

SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter.

Affected configurations

NVD

Node

ikonboard.comikonboardMatch3.0.1

ikonboard.comikonboardMatch3.1.1

ikonboard.comikonboardMatch3.1.2a

ikonboard.comikonboardMatch3.1.3

CPENameOperatorVersion
ikonboard.com:ikonboardikonboard.com ikonboardeq3.0.1
ikonboard.com:ikonboardikonboard.com ikonboardeq3.1.1
ikonboard.com:ikonboardikonboard.com ikonboardeq3.1.2a
ikonboard.com:ikonboardikonboard.com ikonboardeq3.1.3

CPE	Name	Operator	Version
ikonboard.com:ikonboard	ikonboard.com ikonboard	eq	3.0.1
ikonboard.com:ikonboard	ikonboard.com ikonboard	eq	3.1.1
ikonboard.com:ikonboard	ikonboard.com ikonboard	eq	3.1.2a
ikonboard.com:ikonboard	ikonboard.com ikonboard	eq	3.1.3

References

marc.info/?l=bugtraq&m=110321654705580&w=2

secunia.com/advisories/13513

www.securityfocus.com/bid/11982

exchange.xforce.ibmcloud.com/vulnerabilities/18533

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.4%

JSON

Related for CVE-2004-1406

cvelist1 nvd1 nessus1