Unrated severityNVD Advisory· Published Nov 29, 2005· Updated Apr 16, 2026

CVE-2005-3871

Description

Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0.9.9rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter in topiczeigen.php, (2) forum and (3) zeigeseite parameters in showforum.php, (4) forum parameter in newtopic.php, and (5) tidnr parameter in neuerbeitrag.php.

Affected products

Jbb/Jbb
cpe:2.3:a:jbb:jbb:*:*:*:*:*:*:*:*
Range: <=0.9.9_rc3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17727nvdVendor Advisory
pridels0.blogspot.com/2005/11/jbb-sql-inj-vuln.htmlnvd
www.osvdb.org/21148nvd
www.osvdb.org/21149nvd
www.osvdb.org/21150nvd
www.osvdb.org/21151nvd
www.securityfocus.com/bid/15590nvd
www.vupen.com/english/advisories/2005/2620nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000