CVE-2007-0642

SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL – ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.

Date published : 2007-01-31

http://www.securityfocus.com/bid/22350

http://www.securityfocus.com/archive/1/458495/100/0/threaded