ID |
CVE-2005-1287
|
Summary |
Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 19-10-2018 - 15:31) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
19-10-2018 - 15:31 |
Published |
23-04-2005 - 04:00 |
Last modified |
19-10-2018 - 15:31 |