CVE-2004-1864

Опубликовано: 26 мар. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.

Ссылки

http://marc.info/?l=bugtraq&m=108032355905265&w=2
http://securitytracker.com/id?1009561
http://www.osvdb.org/16886
http://www.securityfocus.com/bid/9983
Vendor Advisory
https://docs.xmbforum2.com/index.php?title=Security_Issue_History
https://exchange.xforce.ibmcloud.com/vulnerabilities/15655
http://marc.info/?l=bugtraq&m=108032355905265&w=2
http://securitytracker.com/id?1009561
http://www.osvdb.org/16886
http://www.securityfocus.com/bid/9983
Vendor Advisory
https://docs.xmbforum2.com/index.php?title=Security_Issue_History
https://exchange.xforce.ibmcloud.com/vulnerabilities/15655

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:xmb_forum:xmb:1.8_sp3:*:*:*:*:*:*:*

cpe:2.3:a:xmb_forum:xmb:1.9_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01237

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q95m-g3gg-q299

github

больше 3 лет назад