CVE-2004-1555

Description

Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17502

https://exchange.xforce.ibmcloud.com/vulnerabilities/17501

https://exchange.xforce.ibmcloud.com/vulnerabilities/17500

https://exchange.xforce.ibmcloud.com/vulnerabilities/17498

http://securitytracker.com/id?1011419

http://secunia.com/advisories/12658

http://marc.info/?l=bugtraq&m=109630777608244&w=2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3