7.5

CVE-2005-3420

usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpbb GroupPhpbb Version2.0.0
Phpbb GroupPhpbb Version2.0.1
Phpbb GroupPhpbb Version2.0.2
Phpbb GroupPhpbb Version2.0.3
Phpbb GroupPhpbb Version2.0.4
Phpbb GroupPhpbb Version2.0.5
Phpbb GroupPhpbb Version2.0.6
Phpbb GroupPhpbb Version2.0.6c
Phpbb GroupPhpbb Version2.0.6d
Phpbb GroupPhpbb Version2.0.7
Phpbb GroupPhpbb Version2.0.7a
Phpbb GroupPhpbb Version2.0.8
Phpbb GroupPhpbb Version2.0.8a
Phpbb GroupPhpbb Version2.0.9
Phpbb GroupPhpbb Version2.0.10
Phpbb GroupPhpbb Version2.0.11
Phpbb GroupPhpbb Version2.0.12
Phpbb GroupPhpbb Version2.0.13
Phpbb GroupPhpbb Version2.0.14
Phpbb GroupPhpbb Version2.0.15
Phpbb GroupPhpbb Version2.0.16
Phpbb GroupPhpbb Version2.0.17
Phpbb GroupPhpbb Version2.0_beta1
Phpbb GroupPhpbb Version2.0_rc1
Phpbb GroupPhpbb Version2.0_rc2
Phpbb GroupPhpbb Version2.0_rc3
Phpbb GroupPhpbb Version2.0_rc4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.32% 0.833
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P