CVE-2005-3419

2005-11-0121:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3419

sql injection

phpbb 2.0.17

vulnerability

remote execution

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized.

CPENameOperatorVersion
phpbb_group:phpbbphpbb group phpbbeq2.0.5
phpbb_group:phpbbphpbb group phpbbeq2.0.7a
phpbb_group:phpbbphpbb group phpbbeq2.0.8
phpbb_group:phpbbphpbb group phpbbeq2.0.11
phpbb_group:phpbbphpbb group phpbbeq2.0.1
phpbb_group:phpbbphpbb group phpbbeq2.0.13
phpbb_group:phpbbphpbb group phpbbeq2.0.16
phpbb_group:phpbbphpbb group phpbbeq2.0.3
phpbb_group:phpbbphpbb group phpbbeq2.0_rc2
phpbb_group:phpbbphpbb group phpbbeq2.0_rc1

CPE	Name	Operator	Version
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.5
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.7a
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.8
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.11
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.1
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.13
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.16
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.3
phpbb_group:phpbb	phpbb group phpbb	eq	2.0_rc2
phpbb_group:phpbb	phpbb group phpbb	eq	2.0_rc1