Published: 12/08/2012 Updated: 14/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote malicious users to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter to the management page, (5) section_id parameter to the managementreply page, (6) member_id parameter to the new_password page, or (7) subjectid parameter to the tags page to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pbboard pbboard 2.1.4

source: wwwsecurityfocuscom/bid/54916/info PBBoard is prone to multiple security vulnerabilities including: 1 Multiple SQL-injection vulnerabilities 2 A security-bypass vulnerability 3 An arbitrary file upload vulnerability Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database, t ...

PBBoard version 214 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities ...

CWE-89 http://www.pbboard.com/forums/t10352.html http://www.pbboard.com/forums/t10353.html http://www.securityfocus.com/bid/54916 http://secunia.com/advisories/50153 http://osvdb.org/84480 https://www.htbridge.com/advisory/HTB23101 https://exchange.xforce.ibmcloud.com/vulnerabilities/77501 https://nvd.nist.gov https://www.exploit-db.com/exploits/37614/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-4034

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect