8.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
77.8%
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.
CPE | Name | Operator | Version |
---|---|---|---|
softbb:softbb | softbb | le | 0.1 |
acid-root.new.fr/advisories/10060904.txt
secunia.com/advisories/21761
securityreason.com/securityalert/1521
securitytracker.com/id?1016785
www.osvdb.org/28577
www.osvdb.org/28578
www.securityfocus.com/archive/1/445087/100/0/threaded
www.vupen.com/english/advisories/2006/3478
exchange.xforce.ibmcloud.com/vulnerabilities/28747
www.exploit-db.com/exploits/2300