Vulnerabilities > CVE-2002-2176 - Remote SQL Injection vulnerability in phpBB2 Gender Mod

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

phpbb-group

critical

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.

Vulnerable Configurations

Part	Description	Count
Application	Phpbb_Group Phpbb Group Phpbb 2.0.0 Phpbb Group Phpbb 2.0.1	2

Exploit-Db

description	phpBB2 Gender Mod 1.1.3 Remote SQL Injection Vulnerability. CVE-2002-2176. Webapps exploit for php platform
id	EDB-ID:21660
last seen	2016-02-02
modified	2002-07-29
published	2002-07-29
reporter	langtuhaohoa caothuvolam
source	https://www.exploit-db.com/download/21660/
title	phpBB2 Gender Mod 1.1.3 - Remote SQL Injection Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References