Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0486

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0486
Last Modified 05 Sep 2008 04:34:26
Published 07 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0486

Summary

SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.

Vulnerable Systems

Application

  • Phpbb Group Phpbb 2.0.5


References

XF - phpbb-viewtopic-sql-injection(12366)

BID - 7979

CONFIRM - http://www.phpbb.com/phpBB/viewtopic.php?t=112052

BUGTRAQ - 20030619 phpBB password disclosure by sql injection


Last Updated: 27 May 2016 10:37:56