Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-2989

Published: 20/09/2005 Updated: 08/03/2011
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 775
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Deluxebb

Vulnerability Summary

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

Vulnerable Product Search on Vulmon Subscribe to Product

deluxebb deluxebb 1.0

deluxebb deluxebb 1.05

Exploits

Exploit DB: DeluxeBB 1.0 - 'pm.php' SQL Injection
source: wwwsecurityfocuscom/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an ...
Exploit DB: DeluxeBB 1.0 - 'topic.php' SQL Injection
source: wwwsecurityfocuscom/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attac ...
Exploit DB: DeluxeBB 1.0 - 'misc.php' SQL Injection
source: wwwsecurityfocuscom/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an att ...
Exploit DB: DeluxeBB 1.0 - 'forums.php' SQL Injection
source: wwwsecurityfocuscom/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an a ...
Exploit DB: DeluxeBB 1.0 - 'newpost.php' SQL Injection
source: wwwsecurityfocuscom/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/14851http://secunia.com/advisories/16819http://www.vupen.com/english/advisories/2005/1752https://nvd.nist.govhttps://www.exploit-db.com/exploits/26267/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook