Published: 12/08/2012 Updated: 14/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The new_password page in PBBoard 2.1.4 allows remote malicious users to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pbboard pbboard 2.1.4

source: wwwsecurityfocuscom/bid/54916/info PBBoard is prone to multiple security vulnerabilities including: 1 Multiple SQL-injection vulnerabilities 2 A security-bypass vulnerability 3 An arbitrary file upload vulnerability Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database ...

PBBoard version 214 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities ...

CWE-264 http://secunia.com/advisories/50153 http://www.securityfocus.com/bid/54916 https://www.htbridge.com/advisory/HTB23101 http://osvdb.org/84481 http://www.pbboard.com/forums/t10352.html http://www.pbboard.com/forums/t10353.html https://exchange.xforce.ibmcloud.com/vulnerabilities/77506 https://nvd.nist.gov https://www.exploit-db.com/exploits/37615/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-4035

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect