2.1.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

papoo

NVD

Published: 2006-04-13

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php.

Vulnerable Configurations

Part	Description	Count
Application	Papoo Papoo Papoo 2.1.2 Papoo Papoo 2.1.4 Papoo Papoo - Papoo Papoo 2.1.5	5

References

http://pridels0.blogspot.com/2006/04/papoo-multiple-sql-vuln.html
http://pridels0.blogspot.com/2006/04/papoo-multiple-sql-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/25728
https://exchange.xforce.ibmcloud.com/vulnerabilities/25728