Описание
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:invision_power_services:invision_power_board:*:*:*:*:*:*:*:*
cpe:2.3:a:phpbb:phpbb:*:*:*:*:*:*:*:*
cpe:2.3:a:sebflipper:multi-forums_module:1.3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00395
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
EPSS
Процентиль: 60%
0.00395
Низкий
7.5 High
CVSS2
Дефекты
CWE-89