Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote malicious users to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation.

Vulnerable Product	Search on Vulmon	Subscribe to Product

Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in phpBugTracker v160 Advisory ID: SROEADV-2015-16 Author: Steffen Rösemann Affected Software: phpBugTracker v160 Vendor URL: githubcom/a-v-k/phpBugTracker Vendor Status: patched CVE-ID: will asked to be assigned after release on FullDisclosure via OSS-list Tes ...

phpBugTracker version 160 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities ...

NVD-CWE-Other http://www.osvdb.org/displayvuln.php?osvdb_id=11718 http://marc.info/?l=bugtraq&m=110037408101974&w=2 http://marc.info/?l=bugtraq&m=110029315521568&w=2 http://marc.info/?l=bugtraq&m=110037345428403&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18079 https://exchange.xforce.ibmcloud.com/vulnerabilities/18053 https://nvd.nist.gov https://www.exploit-db.com/exploits/36160/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1519

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect