VDB-218378 · CVE-2015-10051 · GCVE-100-218378

bony2023 Discussion-Board functions/main.php display_all_replies str SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame bony2023 Discussion-Board keessatti argameera. Miidhamni argame is hojii display_all_replies faayilii functions/main.php keessa. Wanti jijjiirame irratti str gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-89 si geessa. Odeeffannoon kun yeroo 01/14/2023 maxxanfameera akka 26439bc4c63632d63ba89ebc0f149b25a9010361. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2015-10051 jedhamee waamama. Weerara kanaaf milkaa'ina argachuuf, networkii naannoo irratti argamuu qabda. Ibsa teeknikaa ni jira. Meeshaa balaa kana fayyadamuuf hin jirre. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ଅପରିଭାଷିତ ta’uu isaa ibsameera. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. Idaantifayarii paachii 26439bc4c63632d63ba89ebc0f149b25a9010361 dha. Sirreeffamni dogoggoraa github.com irraa buufachuuf jira. Rakkoo kana furuuf paachii fe'uun ni gorfama. If you want to get best quality of vulnerability data, you may have to visit VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 74 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 01/14/2023 06:24 PM	ଅଦ୍ୟତନ 1/2 02/07/2023 03:00 PM	ଅଦ୍ୟତନ 2/2 02/07/2023 03:03 PM
software_vendor	bony2023	bony2023	bony2023
software_name	Discussion-Board	Discussion-Board	Discussion-Board
software_file	functions/main.php	functions/main.php	functions/main.php
software_function	display_all_replies	display_all_replies	display_all_replies
software_argument	str	str	str
vulnerability_cwe	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk	2	2	2
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_identifier	26439bc4c63632d63ba89ebc0f149b25a9010361	26439bc4c63632d63ba89ebc0f149b25a9010361	26439bc4c63632d63ba89ebc0f149b25a9010361
advisory_url	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
patch_name	26439bc4c63632d63ba89ebc0f149b25a9010361	26439bc4c63632d63ba89ebc0f149b25a9010361	26439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_patch_url	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361	https://github.com/bony2023/Discussion-Board/commit/26439bc4c63632d63ba89ebc0f149b25a9010361
countermeasure_advisoryquote	Added function to prevent SQL Injection	Added function to prevent SQL Injection	Added function to prevent SQL Injection
source_cve	CVE-2015-10051	CVE-2015-10051	CVE-2015-10051
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1673650800 (01/14/2023)	1673650800 (01/14/2023)	1673650800 (01/14/2023)
software_type	Forum Software	Forum Software	Forum Software
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_av	A	A	A
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_av	A	A	A
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	5.2	5.2	5.2
cvss2_vuldb_tempscore	4.5	4.5	4.5
cvss3_vuldb_basescore	5.5	5.5	5.5
cvss3_vuldb_tempscore	5.3	5.3	5.3
cvss3_meta_basescore	5.5	5.5	6.9
cvss3_meta_tempscore	5.3	5.3	6.9
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1673650800 (01/14/2023)	1673650800 (01/14/2023)
cve_nvd_summary		A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.	A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			A
cvss2_nvd_ac			L
cvss2_nvd_au			S
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss3_cna_av			A
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			5.2
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			5.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!