Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1519

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1519
Last Modified 05 Sep 2008 04:41:38
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1519

Summary

SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation.

Vulnerable Systems


References

XF - phpbugtracker-bug-sql-injection(18053)

XF - phpbugtracker-project-sql-injection(18079)

OSVDB - 11718

BUGTRAQ - 20041112 SQL Injection in phpBT (bug.php) add project

BUGTRAQ - 20041112 SQL Injection in phpBT (bug.php - Add)

BUGTRAQ - 20041112 SQL Injection in phpBT (bug.php)


Last Updated: 27 May 2016 10:39:04