Vulnerabilities

CVE-2010-4151

by Fred · 03/11/2010

SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.

Date published : 2010-11-03

http://www.securityfocus.com/bid/44259

http://www.securityfocus.com/archive/1/514374/100/0/threaded

Similar

Tags: Cybersecurity Alert