CVE Vulnerabilities

CVE-2004-2340

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execute arbitrary SQL commands via the username and password fields of the login form. NOTE: the original vulnerability report contains several significant inconsistencies that make it unclear whether the report is accurate, including (1) PB-DB is really the PunkBuster Screenshot Database and not PunkBuster itself; (2) there is no apparent association between PunkBuster and Punky Brewster; (3) the claimed source code is not anywhere in Alpha 6.

Affected Software

Name Vendor Start Version End Version
Punkbuster_database Even_balance 1.0_alpha (including) 1.0_alpha (including)
Punkbuster_database Even_balance 2.0_alpha (including) 2.0_alpha (including)
Punkbuster_database Even_balance 3.0_alpha (including) 3.0_alpha (including)
Punkbuster_database Even_balance 4.0_alpha (including) 4.0_alpha (including)
Punkbuster_database Even_balance 5.0_alpha (including) 5.0_alpha (including)
Punkbuster_database Even_balance 6.0_alpha (including) 6.0_alpha (including)

References