CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
79.2%
Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.
Vendor | Product | Version | CPE |
---|---|---|---|
broadboard_instant | asp_message_board | * | cpe:2.3:a:broadboard_instant:asp_message_board:*:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=109630777608244&w=2
secunia.com/advisories/12658
securitytracker.com/id?1011419
www.securityfocus.com/bid/11250
exchange.xforce.ibmcloud.com/vulnerabilities/17498
exchange.xforce.ibmcloud.com/vulnerabilities/17500
exchange.xforce.ibmcloud.com/vulnerabilities/17501
exchange.xforce.ibmcloud.com/vulnerabilities/17502