CVE-2005-3816

Опубликовано: 26 нояб. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 and earlier and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter or (2) thread parameter in thread mode.

Ссылки

http://pridels0.blogspot.com/2005/11/freeforum-1x-cat-and-thread-sql-inj.html
http://secunia.com/advisories/17720
Vendor Advisory
http://securitytracker.com/id?1015269
http://www.osvdb.org/21086
http://www.securityfocus.com/bid/15559
http://www.vupen.com/english/advisories/2005/2571
http://pridels0.blogspot.com/2005/11/freeforum-1x-cat-and-thread-sql-inj.html
http://secunia.com/advisories/17720
Vendor Advisory
http://securitytracker.com/id?1015269
http://www.osvdb.org/21086
http://www.securityfocus.com/bid/15559
http://www.vupen.com/english/advisories/2005/2571

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zoneo-soft:freeforum:*:*:*:*:*:*:*:*

Версия до 1.1 (включая)

EPSS

Процентиль: 67%

0.00542

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q3hc-hp7c-g8cc

github

почти 4 года назад