CVE-2009-0851

Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.

Date published : 2009-03-09

http://www.securityfocus.com/bid/34014

http://www.securityfocus.com/archive/1/501481/100/0/threaded