漏洞标题
N/A
漏洞描述信息
SQL注入漏洞在IPBProArcade 2.5.2中的 favorites模块中允许远程攻击者通过gameid参数注入任意SQL命令。注意:此信息的来源未知;仅从第三方信息获得详细信息。此外,第三方使用的演示代码表明,这可能是与shell字符相关的另一种漏洞类型。最后,这可能是CVE-2004-1430的重印。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
IPBProArcade GameID Parameter远程SQL注入漏洞
漏洞描述信息
IPBProArcade 2.5.2中的index.php的favorites模块存在SQL注入漏洞,远程攻击者可以通过gameid参数注入任意SQL命令。
CVSS信息
N/A
漏洞类别
SQL注入