Vulnerabilities > CVE-2004-2181 - Unspecified vulnerability in Wowbb web Forum 1.61/1.65
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE: the sort_by vector was later reported to be present in WowBB 1.65.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | WowBB 1.6 View_User.PHP SQL Injection Vulnerability. CVE-2004-2181. Webapps exploit for php platform |
id | EDB-ID:25641 |
last seen | 2016-02-03 |
modified | 2005-05-10 |
published | 2005-05-10 |
reporter | Megasky |
source | https://www.exploit-db.com/download/25641/ |
title | WowBB 1.6 View_User.PHP SQL Injection Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | WOWBB_FLAWS.NASL |
description | The remote host is running WowBB, a web-based forum written in PHP. According to its version, the remote installation of WowBB is 1.61 or older. Such versions are vulnerable to cross-site scripting and SQL injection attacks. A malicious user can steal users |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15557 |
published | 2004-10-25 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15557 |
title | WowBB <= 1.61 Multiple Vulnerabilities |
code |
|