UBB.threads < 6.5.1.1 editpost.php SQL Injection

high Nessus Network Monitor Plugin ID 2699

Synopsis

The remote host is vulnerable to a SQL injection attack.

Description

The remote host is running a version of UBB.threads that fails to sufficiently sanitize the 'Number' parameter before using it in SQL queries in the editpost.php script. As a result, a remote attacker can pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.

Solution

Upgrade to UBB.threads version 6.5.1.1 or higher.

See Also

http://www.securityfocus.com/archive/1/396222

http://www.gulftech.org/?node=research&article_id=00084-06232005

Plugin Details

Severity: High

ID: 2699

Family: CGI

Published: 3/13/2005

Updated: 3/6/2019

Nessus ID: 17316, 18098

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ubbcentral:ubb.threads

Reference Information

CVE: CVE-2005-0726, CVE-2005-1199, CVE-2005-2057, CVE-2005-2058, CVE-2005-2059, CVE-2005-2060, CVE-2005-2061

BID: 12784, 13253, 14050, 14052, 14053, 14055