CVE-2005-1287

2005-04-2604:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.

References

marc.info/?l=bugtraq&m=111428133317901&w=2

secunia.com/advisories/15072

securitytracker.com/id?1013793

www.digitalparadox.org/advisories/bkdev.txt

www.osvdb.org/15784

www.osvdb.org/15785

www.osvdb.org/15786

www.securityfocus.com/archive/1/431659/100/0/threaded

www.securityfocus.com/archive/1/431863/100/0/threaded