Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4066

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-4066
Last Modified 12 Mar 2012 12:00:00
Published 04 Nov 2011 05:55:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4066

Summary

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.

Vulnerable Systems

Application

  • Sir Gnuboard 3.30

  • Sir Gnuboard 3.31

  • Sir Gnuboard 3.32

  • Sir Gnuboard 3.33

  • Sir Gnuboard 3.34

  • Sir Gnuboard 3.35

  • Sir Gnuboard 3.36

  • Sir Gnuboard 3.37

  • Sir Gnuboard 3.38

  • Sir Gnuboard 3.39

  • Sir Gnuboard 3.40

  • Sir Gnuboard 4.31.03

  • Sir Gnuboard 4.33.02


References

XF - gnuboard-board-sql-injection(70686)

SECTRACK - 1026197

BID - 50173

EXPLOIT-DB - 17992


Last Updated: 27 May 2016 10:57:48