← Back

CVE-2004-1966

nvd nist
Published: Dec 31, 2004Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.

Affected (7)

Products: Openbb: Openbb
Openbb
1 product
Openbb
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Openbb
Openbb
Version 1.0.0_beta1
Openbb
Version 1.0.0_rc1
Openbb
Version 1.0.0_rc2
Openbb
Version 1.0.0_rc3
Openbb
Version 1.0.5
Openbb
Version 1.0.6
Openbb
Version 1.0.8

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.