Vulnerabilities > CVE-2005-3918 - Unspecified vulnerability in Ovbb
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ovbb
exploit available
Summary
Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |
Exploit-Db
description OvBB 0.x thread.php threadid Parameter SQL Injection. CVE-2005-3918. Webapps exploit for php platform id EDB-ID:26589 last seen 2016-02-03 modified 2005-11-24 published 2005-11-24 reporter r0t3d3Vil source https://www.exploit-db.com/download/26589/ title OvBB 0.x thread.php threadid Parameter SQL Injection description OvBB 0.x profile.php userid Parameter SQL Injection. CVE-2005-3918. Webapps exploit for php platform id EDB-ID:26590 last seen 2016-02-03 modified 2005-11-24 published 2005-11-24 reporter r0t3d3Vil source https://www.exploit-db.com/download/26590/ title OvBB 0.x profile.php userid Parameter SQL Injection