CVE-2005-1287

Description

Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.

References

http://www.securityfocus.com/archive/1/431863/100/0/threaded

http://www.securityfocus.com/archive/1/431659/100/0/threaded

http://www.osvdb.org/15786

http://www.osvdb.org/15785

http://www.osvdb.org/15784

http://secunia.com/advisories/15072

http://marc.info/?l=bugtraq&m=111428133317901&w=2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS