Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1879

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1879
Last Modified 05 Sep 2008 04:31:45
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1879

Summary

SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php.

Vulnerable Systems

Application

  • Lokwabb 1.2.1


References

BID - 4981

XF - lokwa-bb-sql-injection(9318)

MISC - http://www.ifrance.com/kitetoua/tuto/LokwaBB.txt

BUGTRAQ - 20020608 Security holes in LokwaBB and W-Agora


Last Updated: 27 May 2016 10:37:31