CVE-2005-2902

SQL injection vulnerability in class-1 Forum Software 0.24.4 allows remote attackers to execute arbitrary SQL commands and bypass the file extension check via SQL code in the file extension of an uploaded file.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.rgod.altervista.org/class1.html	Exploit Vendor Advisory
http://www.securityfocus.com/bid/14774	Exploit
http://secunia.com/advisories/16762/	Vendor Advisory
http://marc.info/?l=bugtraq&m=112629627512785&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/22209

Configurations

Configuration 1 (hide)

cpe:2.3:a:class-1:class-1_forum:0.24.4:*:*:*:*:*:*:*

Information

Published : 2005-09-14 13:03

Updated : 2017-07-10 18:33

NVD link : CVE-2005-2902

Mitre link : CVE-2005-2902

JSON object : View

CWE

NVD-CWE-Other

Products Affected

class-1

class-1_forum

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.rgod.altervista.org/class1.html", "name": "http://www.rgod.altervista.org/class1.html", "tags": ["Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/14774", "name": "14774", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/16762/", "name": "16762", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://marc.info/?l=bugtraq&m=112629627512785&w=2", "name": "20050908 class-1 Forum Software v 0.24.4 Remote code execution", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22209", "name": "class1forum-unknown-sql-injection(22209)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SQL injection vulnerability in class-1 Forum Software 0.24.4 allows remote attackers to execute arbitrary SQL commands and bypass the file extension check via SQL code in the file extension of an uploaded file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-2902", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2005-09-14T20:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:class-1:class-1_forum:0.24.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:33Z"}

7.5 /10