Описание
SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) bday_day, (2) bday_month, and (3) bday_year parameters in the personal section.
SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) bday_day, (2) bday_month, and (3) bday_year parameters in the personal section.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4025
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28257
- http://secunia.com/advisories/21409
- http://securityreason.com/securityalert/1344
- http://securitytracker.com/id?1016643
- http://www.securityfocus.com/archive/1/442423/100/0/threaded
- http://www.securityfocus.com/bid/19374
- http://www.vupen.com/english/advisories/2006/3190
EPSS
Процентиль: 75%
0.00858
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) bday_day, (2) bday_month, and (3) bday_year parameters in the personal section.
EPSS
Процентиль: 75%
0.00858
Низкий