Vulnerabilities > CVE-2005-4702 - Unspecified vulnerability in Ipbproarcade 2.5.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ipbproarcade
exploit available
Summary
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | IPBProArcade 2.5.2 GameID Parameter Remote SQL Injection Vulnerability. CVE-2005-4702. Webapps exploit for php platform |
| id | EDB-ID:26397 |
| last seen | 2016-02-03 |
| modified | 2005-10-26 |
| published | 2005-10-26 |
| reporter | almaster |
| source | https://www.exploit-db.com/download/26397/ |
| title | IPBProArcade 2.5.2 GameID Parameter Remote SQL Injection Vulnerability |