3 matches found
CVE-2005-4159
NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum SMF 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character...
CVE-2005-4159
The CVE concerns Simple Machines Forum (SMF) prior to 1.1 rc1 (inclusive) with a potential SQL injection in Memberlist.php via the start parameter. The vendor disputes that it constitutes a true SQL injection, arguing only a single character can be modified, which may be an invalid SQL syntax err...
CVE-2005-4159
NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum SMF 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character...