XennoBB profile.php Multiple Variable POST Method SQL Injection

2006-08-05T06:35:14
ID OSVDB:27826
Type osvdb
Reporter OSVDB
Modified 2006-08-05T06:35:14

Description

Solution Description

Upgrade to version 2.2.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.xennobb.com/ Secunia Advisory ID:21409 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0102.html