Lucene search
MitreCVE-2014-10029HistoryJan 13, 2015 - 11:59 a.m.
CVE-2014-10029
2015-01-1311:59:35
CWE-89
mitre
web.nvd.nist.gov
24
cve
sql injection
profile.php
fluxbb
1.4.13
1.5.7
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.007
Percentile
81.0%
SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter.
Affected configurations
Node
fluxbbfluxbbRange≤1.4.11
ORfluxbbfluxbbMatch1.5.0
ORfluxbbfluxbbMatch1.5.1
ORfluxbbfluxbbMatch1.5.2
ORfluxbbfluxbbMatch1.5.3
ORfluxbbfluxbbMatch1.5.4
ORfluxbbfluxbbMatch1.5.5
ORfluxbbfluxbbMatch1.5.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fluxbb | fluxbb | * | cpe:2.3:a:fluxbb:fluxbb:*:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.0 | cpe:2.3:a:fluxbb:fluxbb:1.5.0:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.1 | cpe:2.3:a:fluxbb:fluxbb:1.5.1:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.2 | cpe:2.3:a:fluxbb:fluxbb:1.5.2:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.3 | cpe:2.3:a:fluxbb:fluxbb:1.5.3:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.4 | cpe:2.3:a:fluxbb:fluxbb:1.5.4:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.5 | cpe:2.3:a:fluxbb:fluxbb:1.5.5:*:*:*:*:*:*:* |
| fluxbb | fluxbb | 1.5.6 | cpe:2.3:a:fluxbb:fluxbb:1.5.6:*:*:*:*:*:*:* |
Related
zdt
zdt
FluxBB < 1.5.6 - SQL Injection Exploit
2018-10-12 00:00:00
cvelist
cvelist
CVE-2014-10029
2015-01-13 11:00:00
prion
prion
Sql injection
2015-01-13 11:59:00
exploitdb
exploitdb
FluxBB < 1.5.6 - SQL Injection
2014-11-21 00:00:00
nvd
nvd
CVE-2014-10029
2015-01-13 11:59:35
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.007
Percentile
81.0%
Related for CVE-2014-10029