Description
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2005-4696 | SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430. |
References
| Link | Providers |
|---|---|
| http://www.securityfocus.com/bid/15205 |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T17:53:36.914Z
Reserved: 2006-02-01T00:00:00.000Z
Link: CVE-2005-4702
No data.
Status : Modified
Published: 2005-12-31T05:00:00.000
Modified: 2026-06-16T22:19:16.417
Link: CVE-2005-4702
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD