Sql injection

2008-07-0318:41:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

42.0%

JSON

Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.

CPENameOperatorVersion
gravity_board_xeq2.0 beta

CPE	Name	Operator	Version
	gravity_board_x	eq	2.0 beta

References

securityreason.com/securityalert/3970

www.securityfocus.com/bid/29685

exchange.xforce.ibmcloud.com/vulnerabilities/43022

www.exploit-db.com/exploits/5791