DeluxeBB 1.0 newpost.php fid Parameter SQL Injection

ID EDB-ID:26268
Type exploitdb
Reporter abducter
Modified 2005-09-15T00:00:00


DeluxeBB 1.0 newpost.php fid Parameter SQL Injection. CVE- 2005-2989. Webapps exploit for php platform

DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.[code]