Lucene search

[email protected]NVD:CVE-2005-1287

HistoryApr 23, 2005 - 4:00 a.m.

CVE-2005-1287

2005-04-2304:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.

Affected configurations

NVD

Node

bk_devbk_forumRange≤4

References

marc.info/?l=bugtraq&m=111428133317901&w=2

secunia.com/advisories/15072

securitytracker.com/id?1013793

www.digitalparadox.org/advisories/bkdev.txt

www.osvdb.org/15784

www.osvdb.org/15785

www.osvdb.org/15786

www.securityfocus.com/archive/1/431659/100/0/threaded

www.securityfocus.com/archive/1/431863/100/0/threaded

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

Related for NVD:CVE-2005-1287

cvelist1 cve1