Penetration Testing UK

CVE-2005-2902

CVE-2005-2902

Severity Score

7.5

Access Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

Summary

SQL injection vulnerability in class-1 Forum Software 0.24.4 allows remote attackers to execute arbitrary SQL commands and bypass the file extension check via SQL code in the file extension of an uploaded file.

Learn more about our Penetration Testing services.