OvBB 0.x profile.php userid Parameter SQL Injection

ID EDB-ID:26590
Type exploitdb
Reporter r0t3d3Vil
Modified 2005-11-24T00:00:00


OvBB 0.x profile.php userid Parameter SQL Injection. CVE-2005-3918. Webapps exploit for php platform

                                            source: http://www.securityfocus.com/bid/15566/info
OvBB is prone to multiple SQL injection vulnerabilities.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
OvBB 0.08a and prior versions are reportedly affected.