Lucene search
MitreCVE-2004-2456HistoryAug 20, 2005 - 4:00 a.m.
CVE-2004-2456
2005-08-2004:00:00
mitre
web.nvd.nist.gov
33
sql injection
minibb
index.php
vulnerability
remote attackers
userinfo action
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.007
Percentile
80.8%
SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action.
Affected configurations
Node
minibbminibbMatch1.2
ORminibbminibbMatch1.5
ORminibbminibbMatch1.6
ORminibbminibbMatch1.7
ORminibbminibbMatch1.7a
ORminibbminibbMatch1.7c
| Vendor | Product | Version | CPE |
|---|---|---|---|
| minibb | minibb | 1.2 | cpe:2.3:a:minibb:minibb:1.2:*:*:*:*:*:*:* |
| minibb | minibb | 1.5 | cpe:2.3:a:minibb:minibb:1.5:*:*:*:*:*:*:* |
| minibb | minibb | 1.6 | cpe:2.3:a:minibb:minibb:1.6:*:*:*:*:*:*:* |
| minibb | minibb | 1.7 | cpe:2.3:a:minibb:minibb:1.7:*:*:*:*:*:*:* |
| minibb | minibb | 1.7a | cpe:2.3:a:minibb:minibb:1.7a:*:*:*:*:*:*:* |
| minibb | minibb | 1.7c | cpe:2.3:a:minibb:minibb:1.7c:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
MiniBB 1.7f - 'user' SQL Injection
2004-11-16 00:00:00
nessus
nessus
miniBB index.php user Parameter SQL Injection
2004-11-19 00:00:00
nvd
nvd
CVE-2004-2456
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-2456
2005-08-20 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.007
Percentile
80.8%
Related for CVE-2004-2456