Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2697

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2697
Last Modified 05 Sep 2008 04:52:27
Published 26 Aug 2005 11:50:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2697

Summary

SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282.

Vulnerable Systems

Application

  • Mybulletinboard 1.00 Rc1

  • Mybulletinboard 1.00 Rc2

  • Mybulletinboard 1.00 Rc3

  • Mybulletinboard 1.00 Rc4


References

SECUNIA - 13722

BUGTRAQ - 20050819 Vul in MyBB

BID - 14615


Last Updated: 27 May 2016 10:40:36