cbcvebase.
CVE-2005-3918
published 2005-11-30

CVE-2005-3918: Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and…

PriorityP336high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.17%
63.5th percentile
Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.

Affected

8 ranges
VendorProductVersion rangeFixed in
ovbbovbb
ovbbovbb
ovbbovbb
ovbbovbb
ovbbovbb
ovbbovbb
ovbbovbb
ovbbovbb
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.