Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.
References
Link | Resource |
---|---|
http://phorum.org/cvs-changelog-5.txt | |
http://secunia.com/advisories/12980 | Vendor Advisory |
http://securitytracker.com/id?1011921 | Exploit |
http://www.maxpatrol.com/advdetails.asp?id=15 | Exploit Vendor Advisory |
http://www.maxpatrol.com/mp_advisory.asp | |
http://www.osvdb.org/11129 | Exploit Patch |
http://www.securityfocus.com/bid/11538 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17847 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-07-17T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-07-17T00:00:00
Link: CVE-2004-2240
JSON object: View
NVD Information
Status : Modified
Published: 2004-12-31T05:00:00.000
Modified: 2017-07-11T01:31:43.937
Link: CVE-2004-2240
JSON object: View
Redhat Information
No data.
CWE