Unrated severityNVD Advisory· Published Oct 20, 2005· Updated Apr 16, 2026

CVE-2005-3259

Description

Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php.

Affected products

Versatilebulletinboard/Versatilebulletinboard
cpe:2.3:a:versatilebulletinboard:versatilebulletinboard:1.0.0.rc2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rgod.altervista.org/versatile100RC2.htmlnvdExploitVendor Advisory
www.securityfocus.com/bid/15068nvdExploit
secunia.com/advisories/17174/nvdVendor Advisory
marc.infonvd
www.osvdb.org/19962nvd
www.osvdb.org/19963nvd
www.osvdb.org/19964nvd
www.osvdb.org/19965nvd
www.osvdb.org/19966nvd
www.osvdb.org/19967nvd
www.osvdb.org/19968nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000