Back to search
CVE-2004-1555
Published: Feb 20, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1011419
vdb-entry
x_refsource_SECTRACK
broadboard-forgotasp-sql-injection(17502)
vdb-entry
x_refsource_XF
broadboard-profileasp-sql-injection(17500)
vdb-entry
x_refsource_XF
broadboard-searchasp-sql-injection(17498)
vdb-entry
x_refsource_XF
20040926 SQL injection in BroadBoard Instant ASP Message Board
mailing-list
x_refsource_BUGTRAQ
11250
vdb-entry
x_refsource_BID
12658
third-party-advisory
x_refsource_SECUNIA
broadboard-reg2asp-sql-injection(17501)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now