DeluxeBB 1.0 - 'newpost.php' SQL Injection
| EKU-ID: 31591 | CVE: CVE-2005-2989;OSVDB-19408 | OSVDB-ID: |
| Author: abducter | Published: 2005-09-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31591 | CVE: CVE-2005-2989;OSVDB-19408 | OSVDB-ID: |
| Author: abducter | Published: 2005-09-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/newpost.php?sub=newthread&fid=[code]