Описание
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-1598
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20446
- https://www.exploit-db.com/exploits/1013
- http://forums.invisionpower.com/index.php?showtopic=168016
- http://marc.info/?l=bugtraq&m=111539908705851&w=2
- http://marc.info/?l=bugtraq&m=111712587206834&w=2
- http://secunia.com/advisories/15265
- http://securitytracker.com/id?1013907
- http://securitytracker.com/id?1014499
- http://www.gulftech.org/?node=research&article_id=00073-05052005
- http://www.osvdb.org/16297
- http://www.securiteam.com/exploits/5GP0E2KFQQ.html
- http://www.securityfocus.com/bid/13529
EPSS
Процентиль: 92%
0.07777
Низкий
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
EPSS
Процентиль: 92%
0.07777
Низкий