CVE-2005-2439

Published: Aug 3, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function.

Affected (14)

Products: Usebb: Usebb

1 product

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Usebb Usebb	Version 0.1.1
Usebb Usebb	Version 0.1
Usebb Usebb	Version 0.2.1
Usebb Usebb	Version 0.2.2
Usebb Usebb	Version 0.2.3
Usebb Usebb	Version 0.2.3a
Usebb Usebb	Version 0.2
Usebb Usebb	Version 0.3.1
Usebb Usebb	Version 0.3.2
Usebb Usebb	Version 0.3
Usebb Usebb	Version 0.4.1
Usebb Usebb	Version 0.4
Usebb Usebb	Version 0.5.1
Usebb Usebb	Version 0.5

References (10)

http://marc.info/?l=bugtraq&m=112264706213040&w=2

Source: cve@mitre.org

http://www.hardened-php.net/advisory_122005.60.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/14413

Source: cve@mitre.org

http://www.usebb.net/community/topic.php?id=605

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/21652

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=112264706213040&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.hardened-php.net/advisory_122005.60.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/14413

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.usebb.net/community/topic.php?id=605

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/21652

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.