CVE-2005-0414 : SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote att

SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.

Published 2005-04-27 04:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql Injection

Products affected by CVE-2005-0414

Mercuryboard » Mercuryboard » Version: 1.1.1
cpe:2.3:a:mercuryboard:mercuryboard:1.1.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-0414

EPSS FAQ

0.55%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 65 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-0414

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-0414

https://exchange.xforce.ibmcloud.com/vulnerabilities/19051

MercuryBoard index.php script SQL injection CVE-2005-0662 Vulnerability Report

CVEs referencing this url
http://marc.info/?l=bugtraq&m=110797495532358&w=2
http://marc.info/?l=bugtraq&m=110661795632354&w=2

'Multiple vulnerabilities in MercuryBoard 1.1.1' - MARC

CVEs referencing this url
http://securitytracker.com/id?1013137

Exploit;Patch;Vendor Advisory
http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70

Jump to

Vulnerability Details : CVE-2005-0414

Products affected by CVE-2005-0414

Exploit prediction scoring system (EPSS) score for CVE-2005-0414

CVSS scores for CVE-2005-0414

References for CVE-2005-0414