CVE-2005-3394

Опубликовано: 01 нояб. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) channel parameter in the topics module and (2) topic parameter in the posting module.

Ссылки

http://secunia.com/advisories/17373
Vendor Advisory
http://www.osvdb.org/20420
http://www.securityfocus.com/archive/1/415299
http://www.securityfocus.com/bid/15245
Exploit
http://www.vupen.com/english/advisories/2005/2258
https://exchange.xforce.ibmcloud.com/vulnerabilities/22932
http://secunia.com/advisories/17373
Vendor Advisory
http://www.osvdb.org/20420
http://www.securityfocus.com/archive/1/415299
http://www.securityfocus.com/bid/15245
Exploit
http://www.vupen.com/english/advisories/2005/2258
https://exchange.xforce.ibmcloud.com/vulnerabilities/22932

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oaboard:oaboard:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.0051

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x96p-73v2-g6rg

github

почти 4 года назад