PD9 Software MegaBBS 2.0/2.1 - 'view-profile.asp' Multiple SQL Injections

2004-09-27T00:00:00
ID EDB-ID:24633
Type exploitdb
Reporter pigrelax
Modified 2004-09-27T00:00:00

Description

                                        
                                            source: https://www.securityfocus.com/bid/11253/info
  
MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection attacks.
  
MegaBBS versions 2.0 and 2.1 are reported prone to these issues.

view-profile.asp?type=single&memberid=1'
view-profile.asp?type=team&teamid=1'