Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1864

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1864
Last Modified 10 Sep 2008 03:32:12
Published 26 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1864

Summary

SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.

Vulnerable Systems

Application

  • Xmb Forum Xmb 1.8 Sp3

  • Xmb Forum Xmb 1.9 Beta


References

XF - xmb-forum-sql-injection(15655)

BID - 9983

OSVDB - 16886

SECTRACK - 1009561

BUGTRAQ - 20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]


Last Updated: 27 May 2016 10:39:13