Network Security News – Saturday, June 04, 2005 Events
MyBulletinBoard (MyBB) newreply.php tid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' variable in the newreply.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17019
MyBulletinBoard (MyBB) online.php pidsql Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'pidsql' variable in the online.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17015
MyBulletinBoard (MyBB) polls.php tid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' variable in the polls.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17026
MyBulletinBoard (MyBB) portal.php username Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'username' variable in the portal.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17025
MyBulletinBoard (MyBB) printthread.php tid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' variable in the printthread.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17023
MyBulletinBoard (MyBB) ratethread.php tid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' variable in the ratethread.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17027
MyBulletinBoard (MyBB) reputation.php pid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'pid' variable in the reputation.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17024
MyBulletinBoard (MyBB) search.php sid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'sid' variable in the search.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17020
MyBulletinBoard (MyBB) showthread.php Multiple Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' and 'pid' variables in the showthread.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17021
MyBulletinBoard (MyBB) usercp2.php tid Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'tid' variable in the usercp2.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/17022
Leave a Reply