VYPR
Unrated severityNVD Advisory· Published Nov 30, 2005· Updated Jun 16, 2026

CVE-2005-3918

CVE-2005-3918

Description

Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Ovbb/Ovbb9 versions
    cpe:2.3:a:ovbb:ovbb:0.1a:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:ovbb:ovbb:0.1a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.2a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.3a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.4a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.5a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.6a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:ovbb:ovbb:0.8a:*:*:*:*:*:*:*
    • (no CPE)range: 0.08a

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.