CVE-2005-2193
Last modified
CVE-2005-2193 is a vulnerability of currently unknown severity. SQL injection vulnerability in the user profile edit module in profile.php for PunBB 1.2.5 and earlier allows remote attackers to execute arbitrary SQL statements via the temp array, which is not initialized before it is used and prevents the attacker-supplied portions of the array from being properly escaped.. EPSS estimates a 1.23% chance of exploitation in the next 30 days.
Description
SQL injection vulnerability in the user profile edit module in profile.php for PunBB 1.2.5 and earlier allows remote attackers to execute arbitrary SQL statements via the temp array, which is not initialized before it is used and prevents the attacker-supplied portions of the array from being properly escaped.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Punbb | Punbb | 1.0 |
| Punbb | Punbb | 1.0.1 |
| Punbb | Punbb | 1.0_alpha |
| Punbb | Punbb | 1.0_beta1 |
| Punbb | Punbb | 1.0_beta2 |
| Punbb | Punbb | 1.0_beta3 |
| Punbb | Punbb | 1.0_rc1 |
| Punbb | Punbb | 1.0_rc2 |
| Punbb | Punbb | 1.1 |
| Punbb | Punbb | 1.1.1 |
| Punbb | Punbb | 1.1.2 |
| Punbb | Punbb | 1.1.3 |
| Punbb | Punbb | 1.1.4 |
| Punbb | Punbb | 1.1.5 |
| Punbb | Punbb | 1.2.1 |
| Punbb | Punbb | 1.2.2 |
| Punbb | Punbb | 1.2.3 |
| Punbb | Punbb | 1.2.4 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2193?
How severe is CVE-2005-2193?
How do I fix CVE-2005-2193?
Are you affected by CVE-2005-2193?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST