Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-10-20T04:00:00
Updated: 2024-08-07T23:01:59.137Z
Reserved: 2005-10-20T00:00:00
Link: CVE-2005-3259
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-10-20T10:02:00.000
Modified: 2024-11-21T00:01:28.200
Link: CVE-2005-3259
Redhat
No data.