Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in search.php for phpBB 1.0 up to and including 2.0.6 allows remote malicious users to execute arbitrary SQL and gain privileges via the search_results parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpbb group phpbb 1.2.1
phpbb group phpbb 1.4.0
phpbb group phpbb 2.0.3
phpbb group phpbb 2.0.4
phpbb group phpbb 1.4.1
phpbb group phpbb 1.4.2
phpbb group phpbb 2.0.5
phpbb group phpbb 2.0.6
phpbb group phpbb 2.0_beta1
phpbb group phpbb 1.4.4
phpbb group phpbb 2.0.0
phpbb group phpbb 2.0_rc1
phpbb group phpbb 2.0_rc2
phpbb group phpbb 1.0.0
phpbb group phpbb 1.2.0
phpbb group phpbb 2.0.1
phpbb group phpbb 2.0.2
phpbb group phpbb 2.0_rc3
phpbb group phpbb 2.0_rc4

source: wwwsecurityfocuscom/bid/9883/info A vulnerability has been reported to exist in the software that may allow a remote user to inject malicious SQL syntax into database queries The problem reportedly exists in one of the parameters of the searchphp script This issue is caused by insufficient sanitization of user-supplied data A ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/357442 http://www.securityfocus.com/bid/9883 https://exchange.xforce.ibmcloud.com/vulnerabilities/15475 https://nvd.nist.gov https://www.exploit-db.com/exploits/23821/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2350

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect