CVE-2006-1638

by Fred · 06/04/2006

Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or (i) reply_log.php; (2) p parameter to (j) dpost.php; (3) c parameter to (k) list.php or (l) ndis.php; or (12) q parameter to (m) search.php.

Date published : 2006-04-06

http://www.securityfocus.com/bid/17352

http://www.securityfocus.com/archive/1/431064/100/0/threaded

CVE-2006-1638

Similar

Recent Posts

Categories

CVE-2006-1638

Share this:

Similar

Recent Posts

Categories

Tags