CVE-2005-0569: SQL Injection
First published: Sun Feb 27 2005(Updated: )
Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PunBB | =1.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0569?
CVE-2005-0569 is considered a moderate severity vulnerability due to its ability to allow remote attackers to execute arbitrary SQL commands.
How do I fix CVE-2005-0569?
The recommended fix for CVE-2005-0569 is to upgrade PunBB to version 1.2.2 or later, which addresses the SQL injection vulnerabilities.
What are the affected components in CVE-2005-0569?
CVE-2005-0569 affects the register.php, profile.php, and moderate.php files in PunBB 1.2.1.
Can CVE-2005-0569 be exploited by unauthenticated users?
Yes, CVE-2005-0569 can be exploited by unauthenticated remote attackers, making it particularly concerning.
What versions of PunBB are vulnerable to CVE-2005-0569?
CVE-2005-0569 specifically affects PunBB version 1.2.1.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/punbb
- canonical/punbb
- version/punbb/1.2.1