CVE-2005-3686
Public Exploits 1
ExploitDB · 1 EDB-1319 [webapps]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-3686
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Unclassified NewsBoard forum.php远程SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Unclassified NewsBoard是一款基于WEB的PHP编写的论坛程序。 Unclassified NewsBoard对用户提交给的参数缺少正确充分的过滤,远程攻击者可以利用此漏洞非授权操作数据库。 Unclassified NewsBoard的forum.php脚本对用户提交DateFrom参数数据缺少充分过滤,远程攻击者可以通过在输入数据中插入特定的SQL命令来非授权获取对数据库的访问。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-3686
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-3686
请登录查看更多情报信息。
Vendor Advisories for CVE-2005-3686 (4)
Exploits & Public PoCs for CVE-2005-3686 (1)
- http://packetstormsecurity.org/0511-exploits/unb153pl3_xpl.htmlx_refsource_MISC
Other References for CVE-2005-3686 (1)
- http://rgod.altervista.org/unb153pl3_xpl.htmlx_refsource_MISC
Same Patch Batch · n/a · 2005-11-19 · 11 CVEs total
| CVE-2005-3683 | FreeFTPD USER命令缓冲区溢出漏洞 | |
| CVE-2005-3684 | FreeFTPD多个缓冲区溢出漏洞 | |
| CVE-2005-3685 | VP-ASP Shopping Cart Shopadmin.ASP 跨站脚本漏洞 | |
| CVE-2005-3687 | WHM AutoPilot取消任意账户请求漏洞 | |
| CVE-2005-3688 | XMB members.php跨站脚本漏洞 | |
| CVE-2005-3689 | XMB post.php安装路径信息泄露漏洞 | |
| CVE-2005-3690 | MailEnable IMAP服务畸形邮箱名远程缓冲区溢出漏洞 | |
| CVE-2005-3691 | MailEnable IMAP命令目录遍历漏洞 | |
| CVE-2005-3692 | AMAX Magic Winmail Server跨站脚本漏洞 | |
| CVE-2005-3693 | 用于卸载SunnComm MediaMax DRM的AxWebRemoveCtrl ActiveX控件执行任意代码漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2005-3686
No comments yet