CVE-2005-0414
published 2005-04-27CVE-2005-0414: SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php…
PriorityP335high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.23%
65.2th percentile
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mercuryboard | mercuryboard | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70http://marc.info/?l=bugtraq&m=110661795632354&w=2http://marc.info/?l=bugtraq&m=110797495532358&w=2http://securitytracker.com/id?1013137https://exchange.xforce.ibmcloud.com/vulnerabilities/19051http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70http://marc.info/?l=bugtraq&m=110661795632354&w=2http://marc.info/?l=bugtraq&m=110797495532358&w=2http://securitytracker.com/id?1013137https://exchange.xforce.ibmcloud.com/vulnerabilities/19051
2005-04-27
Published