Vulnerabilities > CVE-2005-3259 - Unspecified vulnerability in Versatilebulletinboard 1.0.0.Rc2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

versatilebulletinboard

exploit available

NVD

Published: 2005-10-20

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php.

Vulnerable Configurations

Part	Description	Count
Application	Versatilebulletinboard Versatilebulletinboard Versatilebulletinboard 1.0.0.Rc2	1

Exploit-Db

description	versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit. CVE-2005-3259. Webapps exploit for php platform
id	EDB-ID:1245
last seen	2016-01-31
modified	2005-10-10
published	2005-10-10
reporter	rgod
source	https://www.exploit-db.com/download/1245/
title	versatileBulletinBoard 1.00 RC2 board takeover SQL Injection Exploit

Summary

Vulnerable Configurations

Exploit-Db

References