NVD

Id
70774  
Name
CVE-2004-0323  
Description
Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2004-12-31  
Modified Date
2017-07-10  
Seq
2004-0323  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
365068 70774 CVE-2004-0323 20040225 Re: [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2  View
365069 70774 CVE-2004-0323 20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]  View
365070 70774 CVE-2004-0323 20040223 [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2  View
365071 70774 CVE-2004-0323 9726  View
365072 70774 CVE-2004-0323 http://www.xmbforum.com/community/boards/viewthread.php?tid=746859  View
365073 70774 CVE-2004-0323 xmb-multiple-sql-injection(15295)  View

Related JVN