4.6
CVE-2001-1472
- EPSS 2.58%
- Veröffentlicht 03.08.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpbb Group ≫ Phpbb Version1.4.0
Phpbb Group ≫ Phpbb Version1.4.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.58% | 0.832 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/6944
http://www.kb.cert.org/vuls/id/314347
http://www.securityfocus.com/archive/1/201715
http://www.securityfocus.com/bid/3142