CVE-2003-1216
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.5/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 6.4/10
- Confidentiality Impact
- Partial
- Availability Impact
- Partial
- Integrity Impact
- Partial
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:phpbb_group:phpbb:1.4.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.4.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.4.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.4.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0_beta1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.2.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0_rc3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0_rc4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:1.0.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0_rc1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:phpbb_group:phpbb:2.0_rc2:*:*:*:*:*:*:* |
Yes
|
- | - |