CVE-2005-2058

2005-06-29T04:00:00
ID CVE-2005-2058
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:24:00

Description

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.