Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1972

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1972
Last Modified 05 Sep 2008 04:50:33
Published 13 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1972

Summary

Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie.

Vulnerable Systems

Application

  • Interactivephp Fusionbb 11 Beta


References

CONFIRM - http://www.interactivephp.com/misc/CHANGELOG.html

MISC - http://www.gulftech.org/?node=research&article_id=00081-06132005


Last Updated: 27 May 2016 10:40:21