8.8 High
AI Score
Confidence
Low
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.6%
Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) hideemail, (2) languagex, (3) xthetimeoffset, and (4) xthetimeformat parameters during account registration.
CPE | Name | Operator | Version |
---|---|---|---|
deluxebb:deluxebb | deluxebb | eq | 1.06 |
secunia.com/advisories/20152
secunia.com/secunia_research/2006-44/advisory
securityreason.com/securityalert/1134
securitytracker.com/id?1016309
www.osvdb.org/26457
www.securityfocus.com/archive/1/437228/100/100/threaded
www.securityfocus.com/archive/1/438597/100/0/threaded
www.securityfocus.com/bid/18453
www.vupen.com/english/advisories/2006/2347
exchange.xforce.ibmcloud.com/vulnerabilities/27091