Lucene search

PRIOn knowledge basePRION:CVE-2012-4034

HistoryAug 12, 2012 - 12:55 a.m.

Sql injection

2012-08-1200:55:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON

Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter to the management page, (5) section_id parameter to the managementreply page, (6) member_id parameter to the new_password page, or (7) subjectid parameter to the tags page to index.php.

CPENameOperatorVersion
pbboardeq2.1.4

CPE	Name	Operator	Version
	pbboard	eq	2.1.4

References

osvdb.org/84480

secunia.com/advisories/50153

www.pbboard.com/forums/t10352.html

www.pbboard.com/forums/t10353.html

www.securityfocus.com/bid/54916

exchange.xforce.ibmcloud.com/vulnerabilities/77501

www.htbridge.com/advisory/HTB23101

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for PRION:CVE-2012-4034