SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181.
References
Link | Resource |
---|---|
http://pridels0.blogspot.com/2005/11/wowbb-165-sql-vuln.html | |
http://www.osvdb.org/21441 | Exploit |
http://www.osvdb.org/21442 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-12-21T00:00:00
Updated: 2007-09-13T09:00:00
Reserved: 2005-12-20T00:00:00
Link: CVE-2005-4431
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-12-21T00:03:00.000
Modified: 2008-09-20T04:43:09.483
Link: CVE-2005-4431
JSON object: View
Redhat Information
No data.
CWE