← volver
CVE-2005-0413

CVE-2005-0413

EPSS 2.1%
Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the fid in forum.php, (2) the member parameter in member.php, (3) the email parameter in forgot.php, or (4) the nbuser or nbpass parameters in include.php. NOTE: it was later reported that vector 2 exists in 3.0 and earlier.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/4822no verificadoexploitdbwww.exploit-db.com/exploits/807no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/lists/bugtraq/2005/Feb/0125.htmlhttp://secunia.com/advisories/14205http://securitytracker.com/id?1013136https://exchange.xforce.ibmcloud.com/vulnerabilities/19272https://exchange.xforce.ibmcloud.com/vulnerabilities/39348https://www.exploit-db.com/exploits/4822http://www.securityfocus.com/bid/12501http://www.securityfocus.com/bid/27083