Vulnerability Details CVE-2005-0414
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70
- http://marc.info/?l=bugtraq&m=110661795632354&w=2
- http://marc.info/?l=bugtraq&m=110797495532358&w=2
- http://securitytracker.com/id?1013137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19051
- http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70
- http://marc.info/?l=bugtraq&m=110661795632354&w=2
- http://marc.info/?l=bugtraq&m=110797495532358&w=2
- http://securitytracker.com/id?1013137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19051
Products affected by CVE-2005-0414
-
cpe:2.3:a:mercuryboard:mercuryboard:1.1.1