CVE-2004-1555
CVE-2004-1555
Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/24626unverifiedexploitdbwww.exploit-db.com/exploits/24625unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=109630777608244&w=2http://secunia.com/advisories/12658http://securitytracker.com/id?1011419https://exchange.xforce.ibmcloud.com/vulnerabilities/17498https://exchange.xforce.ibmcloud.com/vulnerabilities/17500https://exchange.xforce.ibmcloud.com/vulnerabilities/17501https://exchange.xforce.ibmcloud.com/vulnerabilities/17502http://www.securityfocus.com/bid/11250