CVE-2005-2989

Published: Sep 20, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

Affected (2)

Products: Deluxebb: Deluxebb

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Deluxebb Deluxebb	Version 1.05
Deluxebb Deluxebb	Version 1.0

References (6)

http://secunia.com/advisories/16819

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/14851

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2005/1752

Source: cve@mitre.org

http://secunia.com/advisories/16819

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/14851

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2005/1752

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.