4.6
CVE-2003-1215
- EPSS 0.37%
- Veröffentlicht 29.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:44
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpbb Group ≫ Phpbb Version1.0.0
Phpbb Group ≫ Phpbb Version1.2.0
Phpbb Group ≫ Phpbb Version1.2.1
Phpbb Group ≫ Phpbb Version1.4.0
Phpbb Group ≫ Phpbb Version1.4.1
Phpbb Group ≫ Phpbb Version1.4.2
Phpbb Group ≫ Phpbb Version1.4.4
Phpbb Group ≫ Phpbb Version2.0.0
Phpbb Group ≫ Phpbb Version2.0.1
Phpbb Group ≫ Phpbb Version2.0.2
Phpbb Group ≫ Phpbb Version2.0.3
Phpbb Group ≫ Phpbb Version2.0.4
Phpbb Group ≫ Phpbb Version2.0.5
Phpbb Group ≫ Phpbb Version2.0.6
Phpbb Group ≫ Phpbb Version2.0_beta1
Phpbb Group ≫ Phpbb Version2.0_rc1
Phpbb Group ≫ Phpbb Version2.0_rc2
Phpbb Group ≫ Phpbb Version2.0_rc3
Phpbb Group ≫ Phpbb Version2.0_rc4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.282 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=107273069130885&w=2
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=161943
http://www.securityfocus.com/bid/9314
https://exchange.xforce.ibmcloud.com/vulnerabilities/14096