CVE-2005-1234

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php.

Ссылки

http://secunia.com/advisories/15029
Exploit
Patch
http://securitytracker.com/id?1013779
Exploit
http://www.aria-security.net/advisory/phpauction.txt
http://www.osvdb.org/15704
Exploit
http://www.osvdb.org/15705
http://www.phpbb-auction.com/sutra5600.html
Exploit
http://www.securityfocus.com/archive/1/441190/100/0/threaded
http://www.securityfocus.com/bid/13283
Exploit
http://www.securityfocus.com/bid/13284
Exploit
http://www.snkenjoi.com/secadv/secadv9.txt
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20203
http://secunia.com/advisories/15029
Exploit
Patch
http://securitytracker.com/id?1013779
Exploit
http://www.aria-security.net/advisory/phpauction.txt
http://www.osvdb.org/15704
Exploit
http://www.osvdb.org/15705
http://www.phpbb-auction.com/sutra5600.html
Exploit
http://www.securityfocus.com/archive/1/441190/100/0/threaded
http://www.securityfocus.com/bid/13283
Exploit
http://www.securityfocus.com/bid/13284
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:phpbb_group:phpbb-auction:1.0m:*:*:*:*:*:*:*

cpe:2.3:a:phpbb_group:phpbb-auction:1.2m:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.00995

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4pch-258r-x42r

github

почти 4 года назад