Lucene search

K
cve[email protected]CVE-2009-0768
HistoryMar 06, 2009 - 6:50 a.m.

CVE-2009-0768

2009-03-0606:50:20
CWE-89
web.nvd.nist.gov
21
cve-2009-0768
sql injection
yapbb 1.2
forumhop.php
nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action.

Affected configurations

NVD
Node
yapbbyapbbRange1.2
OR
yapbbyapbbMatch1.1
OR
yapbbyapbbMatch1.2beta2
CPENameOperatorVersion
yapbb:yapbbyapbble1.2
yapbb:yapbbyapbbeq1.1

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

Related for CVE-2009-0768