Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2004-0036
sql injection
calendar.php
vbulletin forum
remote attackers
sensitive information
eventid parameter
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.2 High
AI Score
Confidence
Low
0.039 Low
EPSS
Percentile
92.1%
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter.
Affected configurations
Node
jelsoftvbulletinMatch2.3.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| jelsoft:vbulletin | jelsoft vbulletin | eq | 2.3.0 |
Related
cvelist
cvelist
CVE-2004-0036
2004-09-01 04:00:00
CVE-2006-2018
2006-04-25 10:00:00
nvd
nvd
CVE-2004-0036
2004-01-20 05:00:00
CVE-2006-2018
2006-04-25 12:50:00
nessus
nessus
vBulletin calendar.php eventid Parameter SQL Injection
2004-01-06 00:00:00
cve
cve
CVE-2006-2018
2006-04-25 12:50:00
prion
prion
Sql injection
2006-04-25 12:50:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.2 High
AI Score
Confidence
Low
0.039 Low
EPSS
Percentile
92.1%
Related for CVE-2004-0036