UBB.threads < 6.5.1.1 editpost.php SQL Injection

High Nessus Network Monitor Plugin ID 2699

Synopsis

The remote host is vulnerable to a SQL injection attack.

Description

The remote host is running a version of UBB.threads that fails to sufficiently sanitize the 'Number' parameter before using it in SQL queries in the editpost.php script. As a result, a remote attacker can pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.

Solution

Upgrade to UBB.threads version 6.5.1.1 or higher.

See Also

http://www.securityfocus.com/archive/1/396222

http://www.gulftech.org/?node=research&amp;article_id=00084-06232005

Plugin Details

Severity: High

ID: 2699

Family: CGI

Published: 2005/03/13

Modified: 2018/07/11

Dependencies: 1442

Nessus ID: 17316, 18098

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ubbcentral:ubb.threads

Reference Information

CVE: CVE-2005-1199, CVE-2005-2057, CVE-2005-2058, CVE-2005-2059, CVE-2005-2060, CVE-2005-2061, CVE-2005-0726

BID: 12784, 13253, 14050, 14052, 14053, 14055