Lucene search
MitreCVE-2005-2439HistoryAug 03, 2005 - 4:00 a.m.
CVE-2005-2439
2005-08-0304:00:00
mitre
web.nvd.nist.gov
24
cve-2005-2439
sql injection
usebb
magic_quotes_gpc
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.005
Percentile
76.7%
SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function.
Affected configurations
Node
usebbusebbMatch0.1
ORusebbusebbMatch0.1.1
ORusebbusebbMatch0.2
ORusebbusebbMatch0.2.1
ORusebbusebbMatch0.2.2
ORusebbusebbMatch0.2.3
ORusebbusebbMatch0.2.3a
ORusebbusebbMatch0.3
ORusebbusebbMatch0.3.1
ORusebbusebbMatch0.3.2
ORusebbusebbMatch0.4
ORusebbusebbMatch0.4.1
ORusebbusebbMatch0.5
ORusebbusebbMatch0.5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| usebb | usebb | 0.1 | cpe:2.3:a:usebb:usebb:0.1:*:*:*:*:*:*:* |
| usebb | usebb | 0.1.1 | cpe:2.3:a:usebb:usebb:0.1.1:*:*:*:*:*:*:* |
| usebb | usebb | 0.2 | cpe:2.3:a:usebb:usebb:0.2:*:*:*:*:*:*:* |
| usebb | usebb | 0.2.1 | cpe:2.3:a:usebb:usebb:0.2.1:*:*:*:*:*:*:* |
| usebb | usebb | 0.2.2 | cpe:2.3:a:usebb:usebb:0.2.2:*:*:*:*:*:*:* |
| usebb | usebb | 0.2.3 | cpe:2.3:a:usebb:usebb:0.2.3:*:*:*:*:*:*:* |
| usebb | usebb | 0.2.3a | cpe:2.3:a:usebb:usebb:0.2.3a:*:*:*:*:*:*:* |
| usebb | usebb | 0.3 | cpe:2.3:a:usebb:usebb:0.3:*:*:*:*:*:*:* |
| usebb | usebb | 0.3.1 | cpe:2.3:a:usebb:usebb:0.3.1:*:*:*:*:*:*:* |
| usebb | usebb | 0.3.2 | cpe:2.3:a:usebb:usebb:0.3.2:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.005
Percentile
76.7%
Related for CVE-2005-2439