CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
80.8%
SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action.
Vendor | Product | Version | CPE |
---|---|---|---|
minibb | minibb | 1.2 | cpe:2.3:a:minibb:minibb:1.2:*:*:*:*:*:*:* |
minibb | minibb | 1.5 | cpe:2.3:a:minibb:minibb:1.5:*:*:*:*:*:*:* |
minibb | minibb | 1.6 | cpe:2.3:a:minibb:minibb:1.6:*:*:*:*:*:*:* |
minibb | minibb | 1.7 | cpe:2.3:a:minibb:minibb:1.7:*:*:*:*:*:*:* |
minibb | minibb | 1.7a | cpe:2.3:a:minibb:minibb:1.7a:*:*:*:*:*:*:* |
minibb | minibb | 1.7c | cpe:2.3:a:minibb:minibb:1.7c:*:*:*:*:*:*:* |