SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.securityfocus.com/bid/15205 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2006-02-01T20:00:00Z
Updated: 2024-09-16T17:53:36.914Z
Reserved: 2006-02-01T00:00:00Z
Link: CVE-2005-4702

No data.

Status : Modified
Published: 2005-12-31T05:00:00.000
Modified: 2024-11-21T00:04:58.227
Link: CVE-2005-4702

No data.