Vulnerability Description
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aspbb | Aspbb | 0.4 |
References
- http://www.securityfocus.com/bid/15859Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40004
- http://www.securityfocus.com/bid/15859Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40004
FAQ
What is CVE-2005-4259?
CVE-2005-4259 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFIL...
How severe is CVE-2005-4259?
CVE-2005-4259 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4259?
Check the references section above for vendor advisories and patch information. Affected products include: Aspbb Aspbb.