Vulnerabilities > CVE-2004-2456 - Unspecified vulnerability in Minibb

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
minibb
nessus
exploit available
NVD
Published: 2004-12-31
Updated: 2024-11-20

Summary

SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action.

Vulnerable Configurations

Part Description Count
Application
Minibb
6

Exploit-Db

descriptionminiBB - Input Validation Hole ('user'). CVE-2004-2456. Webapps exploit for php platform
idEDB-ID:635
last seen2016-01-31
modified2004-11-16
published2004-11-16
reporterN/A
sourcehttps://www.exploit-db.com/download/635/
titleminiBB - Input Validation Hole 'user'

Nessus

NASL familyCGI abuses
NASL idMINIBB_SQL.NASL
descriptionThe remote host is using the miniBB forum management system. According to its version number, this forum is vulnerable to a SQL injection attack. Input to the
last seen2020-06-01
modified2020-06-02
plugin id15763
published2004-11-19
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15763
titleminiBB index.php user Parameter SQL Injection
code
#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if (description)
{
 script_id(15763);
 script_version ("1.17");
 script_cve_id("CVE-2004-2456");
 script_bugtraq_id(11688);

 script_name(english:"miniBB index.php user Parameter SQL Injection");
 script_summary(english:"Determine if MiniBB can be used to execute arbitrary SQL commands");

 script_set_attribute( attribute:"synopsis",  value:
"A web application on the remote host has a SQL injection vulnerability." );
 script_set_attribute( attribute:"description",  value:
"The remote host is using the miniBB forum management system.

According to its version number, this forum is vulnerable to a
SQL injection attack.  Input to the 'user' parameter of index.php
not properly sanitized.  A remote attacker could exploit this to
execute arbitrary SQL queries against the remote database." );
 script_set_attribute(
   attribute:"solution", 
   value:"Upgrade to miniBB 1.7f or later."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "2004/11/19");
 script_set_attribute(attribute:"vuln_publication_date", value: "2004/10/28");
 script_cvs_date("Date: 2018/06/13 18:56:28");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_family(english:"CGI abuses");

 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");

 script_dependencie("minibb_xss.nasl");
 script_require_ports("Services/www", 80);
 exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80);
kb   = get_kb_item("www/" + port + "/minibb");
if ( ! kb ) exit(0);
matches = eregmatch(string:kb, pattern:"^(.+) under (.*)$");
if ( ereg(pattern:"^(0\.|1\.[0-6][^0-9]|7([a-e]|$))", string:matches[1]) )
{
     security_hole(port);
     set_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);
}

References