Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-6970

Опубликовано: 13 авг. 2009
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ubbcentral:ubb.threads:*:*:*:*:*:*:*:*
Версия до 7.3.1 (включая)
cpe:2.3:a:ubbcentral:ubb.threads:3.4:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:3.5:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.3:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.4:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.4.3:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5.2_beta2:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ubbcentral:ubb.threads:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00748
Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-qq8p-8xw5-wwgp

github
больше 3 лет назад

SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.

EPSS

Процентиль: 73%
0.00748
Низкий

7.5 High

CVSS2

Дефекты

CWE-89