CVE-2005-4647

Properties

Published:
30.12.2005
Updated:
13.01.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Product:
Pearlinger: Pearl Forums
Pearlinger: Pearl Forums

Vulnerability description

Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) forumsId and (2) topicId parameters in index.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References:

FRSIRT: http://www.frsirt.com/english/advisories/2005/2426
OSVDB: http://www.osvdb.org/20848
SECUNIA: http://secunia.com/advisories/17533
XF: http://xforce.iss.net/xforce/xfdb/23195
BID: http://www.securityfocus.com/bid/15425