Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/09/2008 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
powie pforum 1.30

#===================================================================================================== #Powie's PHP Forum <= v130 (showprofil) Remote SQL Injection Exploit #===================================================================================================== # #Critical Level : Dangerous # #Venedor site : wwwpowiede # # ...

CWE-89 http://www.securityfocus.com/bid/31150 http://secunia.com/advisories/31872 http://www.vupen.com/english/advisories/2008/2559 https://exchange.xforce.ibmcloud.com/vulnerabilities/45079 https://www.exploit-db.com/exploits/6442 https://nvd.nist.gov https://www.exploit-db.com/exploits/6442/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-4355

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect