FusionBB 0.x – Multiple Input Validation Vulnerabilities

15次阅读
没有评论

FusionBB 0.x – Multiple Input Validation Vulnerabilities

漏洞ID 1055163 漏洞类型
发布时间 2005-06-13 更新时间 2005-06-13
FusionBB 0.x - Multiple Input Validation VulnerabilitiesCVE编号 N/A
FusionBB 0.x - Multiple Input Validation VulnerabilitiesCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25819
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/13939/info

FusionBB is affected by multiple vulnerabilities. These issues arise due to a failure of the application to properly sanitize user-supplied input.

The following specific vulnerabilities were identified:

The application is affected by a local file include vulnerability. The attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.

FusionBB is prone to multiple SQL injection vulnerabilities as well. These vulnerabilities could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. 

Cookie: bb_session_id=' or user_id = '1; bb_uid=1;

相关推荐: atomicboard 0.6.2 – Directory Traversal

atomicboard 0.6.2 – Directory Traversal 漏洞ID 1054046 漏洞类型 发布时间 2003-07-21 更新时间 2003-07-21 CVE编号 N/A CNNVD-ID N/A 漏洞平台 PHP CVSS评分 N…

正文完
 0