Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2989

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2989
Last Modified 07 Mar 2011 09:25:24
Published 19 Sep 2005 08:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2989

Summary

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

Vulnerable Systems

Application

  • Deluxebb 1.0

  • Deluxebb 1.05


References

SECUNIA - 16819

VUPEN - ADV-2005-1752

BID - 14851


Last Updated: 27 May 2016 10:40:42