NuytsTech Security

CVE-2005-3423

by ·

Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php.

Date published : 2005-11-01

http://www.securityfocus.com/bid/15238

http://rst.void.ru/papers/advisory35.txt

Tags: