Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-10-20T04:00:00

Updated: 2024-08-07T23:01:59.137Z

Reserved: 2005-10-20T00:00:00

Link: CVE-2005-3259

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-10-20T10:02:00.000

Modified: 2024-11-21T00:01:28.200

Link: CVE-2005-3259

cve-icon Redhat

No data.