CVE-2005-4891: SQL Injection
First published: Wed Jan 15 2020(Updated: )
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Simplemachines Simple Machine Forum | <=1.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Simple Machine Forum?
The vulnerability ID for Simple Machine Forum is CVE-2005-4891.
What is the severity level of CVE-2005-4891?
The severity level of CVE-2005-4891 is critical with a score of 9.8.
What is the affected software version for CVE-2005-4891?
The affected software version for CVE-2005-4891 is Simple Machine Forum versions 1.0.4 and earlier.
How does the SQL injection vulnerability in Simple Machine Forum work?
The SQL injection vulnerability in Simple Machine Forum allows remote attackers to inject arbitrary SQL statements.
Are there any references about CVE-2005-4891?
Yes, you can find references about CVE-2005-4891 at http://www.openwall.com/lists/oss-security/2012/11/14/10 and https://securiteam.com/exploits/5HP0N0KG0O/.
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/simplemachines
- canonical/simplemachines simple machine forum
- version/simplemachines simple machine forum/1.0.4