9.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.2%
Multiple SQL injection vulnerabilities in archive.asp in GAβs Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter. NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL database. SecurityTrackerβs research indicates that the original problem could be due to a vbscript parsing error based on invalid arguments
CPE | Name | Operator | Version |
---|---|---|---|
gasoft:gas_forum_light | gasoft gas forum light | eq | * |