Lucene search

[email protected]CVE-2005-3746

HistoryNov 22, 2005 - 11:03 a.m.

CVE-2005-3746

2005-11-2211:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

apboard

thread.php

security vulnerability

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.1%

JSON

SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQL commands via the start parameter.

CPENameOperatorVersion
apboard:apboardapboardeq*

CPE	Name	Operator	Version
apboard:apboard	apboard	eq	*

References

securityreason.com/securityalert/198

www.osvdb.org/21289

www.securityfocus.com/archive/1/417298

www.securityfocus.com/bid/15513

exchange.xforce.ibmcloud.com/vulnerabilities/23200

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.1%

JSON