FusionBB Cookie bb_session_id Variable SQL Injection

ID OSVDB:17432
Type osvdb
Reporter OSVDB
Modified 2005-06-19T04:40:43


Solution Description

Upgrade to version .12 Beta or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor URL: http://www.fusionbb.com/ Vendor Specific News/Changelog Entry: http://www.interactivephp.com/misc/CHANGELOG.html Related OSVDB ID: 17433 Other Advisory URL: http://www.gulftech.org/?node=research&article_id=00081-06132005 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-06/0109.html ISS X-Force ID: 21003 CVE-2005-1972