ID 3242.PRM Type nessus Reporter Tenable Modified 2019-03-06T00:00:00
Description
The remote host is running SEO-Board, a web forum written in PHP. This version of SEO-Board is vulnerable to a flaw in the way that it handles malformed data. An attacker exploiting this flaw would be able to inject arbitrary system commands into SQL statements.
Binary data 3242.prm
{"id": "3242.PRM", "type": "nessus", "bulletinFamily": "scanner", "title": "SEO-Board < 1.03 admin.php user_pass_sha1 Cookie SQL Injection", "description": "The remote host is running SEO-Board, a web forum written in PHP. This version of SEO-Board is vulnerable to a flaw in the way that it handles malformed data. An attacker exploiting this flaw would be able to inject arbitrary system commands into SQL statements.", "published": "2005-09-26T00:00:00", "modified": "2019-03-06T00:00:00", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "href": "https://www.tenable.com/plugins/nnm/3242", "reporter": "Tenable", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3082"], "cvelist": ["CVE-2005-3082"], "immutableFields": [], "lastseen": "2021-08-19T13:16:35", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3082"]}], "rev": 4}, "score": {"value": 6.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2005-3082"]}]}, "exploitation": null, "vulnersScore": 6.1}, "pluginID": "3242", "sourceData": "Binary data 3242.prm", "naslFamily": "CGI", "cpe": ["cpe:2.3:a:seo-board:seo-board:*:*:*:*:*:*:*:*"], "solution": "Upgrade to version 1.03 or higher.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1646181880}}
