Lucene search

CVE-2005-1642

🗓️ 17 May 2005 04:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 40 Views🌐 WEB

SQL injection vuln. in Woltlab Burning Board 2.x & earlier allows remote attackers to execute arbitrary SQL commands via $email variable

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2005-1642	17 May 200504:00	–	nvd
Exploit DB	Burning Board < 2.3.1 - SQL Injection	16 May 201500:00	–	exploitdb
exploitpack	Burning Board 2.3.1 - SQL Injection	16 May 201500:00	–	exploitpack
Cvelist	CVE-2005-1642	17 May 200504:00	–	cvelist
Tenable Nessus	Woltlab Burning Board verify_email Function SQL Injection	17 May 200500:00	–	nessus

Nvd

Node

woltlab burning_boardMatch2.0

Source	Link
vupen	www.vupen.com/english/advisories/2005/0558
secunia	www.secunia.com/advisories/15395
gulftech	www.gulftech.org/
attrition	www.attrition.org/pipermail/vim/2005-May/000047.html
osvdb	www.osvdb.org/16575
archives	www.archives.neohapsis.com/archives/bugtraq/2005-05/0199.html

Parameter	Position	Path	Description	CWE
email	request body	/verify_email	SQL injection vulnerability allowing arbitrary SQL commands through unsanitized email variable.	CWE-89, CWE-20

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 May 2005 04:00Current

8.4High risk

Vulners AI Score8.4

CVSS27.5

EPSS0.00823