Vulnerabilities > CVE-2005-2323
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 | |
| Application | 1 |
Exploit-Db
| description | phpMyFamily <= 1.4.0 SQL Injection Exploit. CVE-2005-2323. Webapps exploit for php platform |
| id | EDB-ID:1208 |
| last seen | 2016-01-31 |
| modified | 2005-03-27 |
| published | 2005-03-27 |
| reporter | basher13 |
| source | https://www.exploit-db.com/download/1208/ |
| title | phpMyFamily <= 1.4.0 - SQL Injection Exploit |
References
- http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.html
- http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.html
- http://secunia.com/advisories/16078
- http://secunia.com/advisories/16078
- http://securitytracker.com/id?1014485
- http://securitytracker.com/id?1014485
- http://securitytracker.com/id?1014486
- http://securitytracker.com/id?1014486
- http://www.osvdb.org/17921
- http://www.osvdb.org/17921
- http://www.osvdb.org/17922
- http://www.osvdb.org/17922
- http://www.osvdb.org/17923
- http://www.osvdb.org/17923