Vulnerabilities > CVE-2005-3918 - Unspecified vulnerability in Ovbb

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ovbb

exploit available

NVD

Published: 2005-11-30

Updated: 2024-04-11

Summary

Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.

Vulnerable Configurations

Part	Description	Count
Application	Ovbb Ovbb Ovbb 0.5A Ovbb Ovbb 0.6A Ovbb Ovbb 0.3A Ovbb Ovbb 0.7A Ovbb Ovbb 0.4A Ovbb Ovbb 0.2A Ovbb Ovbb 0.8A Ovbb Ovbb 0.1A	8

Exploit-Db

description	OvBB 0.x thread.php threadid Parameter SQL Injection. CVE-2005-3918. Webapps exploit for php platform
id	EDB-ID:26589
last seen	2016-02-03
modified	2005-11-24
published	2005-11-24
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26589/
title	OvBB 0.x thread.php threadid Parameter SQL Injection

description	OvBB 0.x profile.php userid Parameter SQL Injection. CVE-2005-3918. Webapps exploit for php platform
id	EDB-ID:26590
last seen	2016-02-03
modified	2005-11-24
published	2005-11-24
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26590/
title	OvBB 0.x profile.php userid Parameter SQL Injection

Summary

Vulnerable Configurations

Exploit-Db

References