Lucene search

[email protected]CVE-2005-1170

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1170

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

sql injection

mod.php

datenbank module

phpbb

vulnerability

remote attackers

sql commands

id parameter

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

SQL injection vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

datenbank_moduledatenbank_module

CPENameOperatorVersion
datenbank_module:datenbank_moduledatenbank moduleeq*

CPE	Name	Operator	Version
datenbank_module:datenbank_module	datenbank module	eq	*

References

marc.info/?l=bugtraq&m=111367077709726&w=2

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for CVE-2005-1170

nvd1 cvelist1