Vulnerabilities > CVE-2004-2062 - Unspecified vulnerability in Antiboard

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

antiboard

nessus

exploit available

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters.

Vulnerable Configurations

Part	Description	Count
Application	Antiboard Antiboard Antiboard 0.6 Antiboard Antiboard 0.7.2 Antiboard Antiboard 0.7 Antiboard Antiboard 0.62 Antiboard Antiboard 0.61 Antiboard Antiboard 0.7.1 Antiboard Antiboard 0.63	7

Exploit-Db

description	AntiBoard 0.6/0.7 antiboard.php Multiple Parameter SQL Injection. CVE-2004-2062. Webapps exploit for php platform
id	EDB-ID:24329
last seen	2016-02-02
modified	2004-07-28
published	2004-07-28
reporter	Josh Gilmour
source	https://www.exploit-db.com/download/24329/
title	AntiBoard 0.6/0.7 antiboard.php Multiple Parameter SQL Injection

Nessus

NASL family	CGI abuses
NASL id	ANTIBOARD_SQL_INJECTION.NASL
description	The remote host appears to be running the AntiBoard bulletin board system. There are multiple SQL injection vulnerabilities in the remote software that may allow an attacker to execute arbitrary SQL commands on the remote host, and possibly bypass the authentication mechanisms of AntiBoard. Note, AntiBoard is also affected by a cross-site scripting vulnerability, however Nessus has not tested this.
last seen	2020-06-01
modified	2020-06-02
plugin id	14187
published	2004-08-02
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14187
title	AntiBoard antiboard.php Multiple Parameter SQL Injection

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References