CVE-2005-0569

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php.

Ссылки

http://marc.info/?l=bugtraq&m=110927754230666&w=2
http://secunia.com/advisories/14394
Patch
Vendor Advisory
http://secunia.com/advisories/14538
Patch
Vendor Advisory
http://www.punbb.org/changelogs/1.2.1_to_1.2.2.txt
http://www.securityfocus.com/bid/12652
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/19473
http://marc.info/?l=bugtraq&m=110927754230666&w=2
http://secunia.com/advisories/14394
Patch
Vendor Advisory
http://secunia.com/advisories/14538
Patch
Vendor Advisory
http://www.punbb.org/changelogs/1.2.1_to_1.2.2.txt
http://www.securityfocus.com/bid/12652
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/19473

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:punbb:punbb:1.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.0223

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-fr5x-fgxr-jh2p

github

почти 4 года назад