bony2023 Discussion-Board functions/main.php display_all_replies str SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame bony2023 Discussion-Board keessatti argameera. Miidhamni argame is hojii display_all_replies faayilii functions/main.php keessa. Wanti jijjiirame irratti str gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-89 si geessa. Odeeffannoon kun yeroo 01/14/2023 maxxanfameera akka 26439bc4c63632d63ba89ebc0f149b25a9010361. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2015-10051 jedhamee waamama. Weerara kanaaf milkaa'ina argachuuf, networkii naannoo irratti argamuu qabda. Ibsa teeknikaa ni jira. Meeshaa balaa kana fayyadamuuf hin jirre. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ଅପରିଭାଷିତ ta’uu isaa ibsameera. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. Idaantifayarii paachii 26439bc4c63632d63ba89ebc0f149b25a9010361 dha. Sirreeffamni dogoggoraa github.com irraa buufachuuf jira. Rakkoo kana furuuf paachii fe'uun ni gorfama. If you want to get best quality of vulnerability data, you may have to visit VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 74 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
01/14/2023 06:24 PM
ଅଦ୍ୟତନ 1/2
02/07/2023 03:00 PM
ଅଦ୍ୟତନ 2/2
02/07/2023 03:03 PM
software_vendorbony2023bony2023bony2023
software_nameDiscussion-BoardDiscussion-BoardDiscussion-Board
software_filefunctions/main.phpfunctions/main.phpfunctions/main.php
software_functiondisplay_all_repliesdisplay_all_repliesdisplay_all_replies
software_argumentstrstrstr
vulnerability_cweCWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk222
cvss3_vuldb_acLLL
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
advisory_identifier26439bc4c63632d63ba89ebc0f149b25a901036126439bc4c63632d63ba89ebc0f149b25a901036126439bc4c63632d63ba89ebc0f149b25a9010361
advisory_urlhttps://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_nameପ୍ୟାଚ୍ପ୍ୟାଚ୍ପ୍ୟାଚ୍
patch_name26439bc4c63632d63ba89ebc0f149b25a901036126439bc4c63632d63ba89ebc0f149b25a901036126439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_patch_urlhttps://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_advisoryquoteAdded function to prevent SQL InjectionAdded function to prevent SQL InjectionAdded function to prevent SQL Injection
source_cveCVE-2015-10051CVE-2015-10051CVE-2015-10051
cna_responsibleVulDBVulDBVulDB
advisory_date1673650800 (01/14/2023)1673650800 (01/14/2023)1673650800 (01/14/2023)
software_typeForum SoftwareForum SoftwareForum Software
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.25.25.2
cvss2_vuldb_tempscore4.54.54.5
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.35.35.3
cvss3_meta_basescore5.55.56.9
cvss3_meta_tempscore5.35.36.9
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1673650800 (01/14/2023)1673650800 (01/14/2023)
cve_nvd_summaryA vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avA
cvss2_nvd_acL
cvss2_nvd_auS
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_cna_avA
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss2_nvd_basescore5.2
cvss3_nvd_basescore9.8
cvss3_cna_basescore5.5

Do you want to use VulDB in your project?

Use the official API to access entries easily!