Unrated severityNVD Advisory· Published Nov 30, 2005· Updated Jun 16, 2026
CVE-2005-3918
CVE-2005-3918
Description
Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:ovbb:ovbb:0.1a:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:ovbb:ovbb:0.1a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.3a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.4a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.5a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.6a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.7a:*:*:*:*:*:*:*
- cpe:2.3:a:ovbb:ovbb:0.8a:*:*:*:*:*:*:*
- (no CPE)range: 0.08a
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.