UBBCentral UBB.Threads 6.0 - 'editpost.php' SQL Injection
| EKU-ID: 30566 | CVE: | OSVDB-ID: |
| Author: ADZ Security Team | Published: 2005-03-11 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30566 | CVE: | OSVDB-ID: |
| Author: ADZ Security Team | Published: 2005-03-11 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported prone to this issue. It is likely that other versions are affected as well. http://www.example.com/[path]/editpost.php?Cat=X&Board=X&Number=1'%20OR%20'a'='a