PT-2004-2321 · Ikonboard · Ikonboard
Publicado
2004-12-31
·
Atualizado
2017-07-11
·
CVE-2004-1406
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Ikonboard versions 3.1.0 through 3.1.3
Description:
The issue allows remote attackers to inject arbitrary SQL commands. This can be achieved via the
st or keywords parameter.Recommendations:
For Ikonboard versions 3.1.0 through 3.1.3, consider restricting access to the
ikonboard.cgi script until a patch is available. As a temporary workaround, avoid using the st and keywords parameters in the affected script to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Ikonboard