Lucene search

[email protected]NVD:CVE-2004-1555

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1555

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.

Affected configurations

Nvd

Node

broadboard_instantasp_message_board

VendorProductVersionCPE
broadboard_instantasp_message_board*cpe:2.3:a:broadboard_instant:asp_message_board:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadboard_instant	asp_message_board	*	cpe:2.3:a:broadboard_instant:asp_message_board::::::::

References

marc.info/?l=bugtraq&m=109630777608244&w=2

secunia.com/advisories/12658

securitytracker.com/id?1011419

www.securityfocus.com/bid/11250

exchange.xforce.ibmcloud.com/vulnerabilities/17498

exchange.xforce.ibmcloud.com/vulnerabilities/17500

exchange.xforce.ibmcloud.com/vulnerabilities/17501

exchange.xforce.ibmcloud.com/vulnerabilities/17502

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

Related for NVD:CVE-2004-1555

nessus1 exploitdb2 cve1 cvelist1