Vulnerabilities > CVE-2005-1570 - SQL-Injection vulnerability in Battleaxe Software Bttlxeforum 2.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

battleaxe-software

NVD

Published: 2005-05-14

Updated: 2008-09-05

Summary

forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Battleaxe_Software Battleaxe Software Bttlxeforum 2.0	1

References

http://securitytracker.com/id?1013934