Lucene search

[email protected]CVE-2005-1642

HistoryMay 17, 2005 - 4:00 a.m.

CVE-2005-1642

2005-05-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

woltlab burning board

remote attackers

arbitrary commands

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.

CPENameOperatorVersion
woltlab:burning_boardwoltlab burning boardeq2.0

CPE	Name	Operator	Version
woltlab:burning_board	woltlab burning board	eq	2.0

References

archives.neohapsis.com/archives/bugtraq/2005-05/0199.html

secunia.com/advisories/15395

www.attrition.org/pipermail/vim/2005-May/000047.html

www.gulftech.org/?node=research&article_id=00075-05162005

www.osvdb.org/16575

www.vupen.com/english/advisories/2005/0558

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2005-1642

exploitpack1 nessus1 cvelist1 exploitdb1