Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0651

Description

Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4) post name in the post creation feature, (5) City, (6) Homepage, (7) ICQ, (8) AOL, (9) Yahoo!, (10) MSN, or (11) e-mail fields in the profile feature or (12) the new field in the moderator section.

Affected products

Projectbb/Projectbb
cpe:2.3:a:projectbb:projectbb:0.4.5.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.securityfocus.com/bid/12710nvdExploit
marc.infonvd
secunia.com/advisories/14533nvd
www.vupen.com/english/advisories/2005/0223nvd
exchange.xforce.ibmcloud.com/vulnerabilities/19557nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000