2 matches found
CVE-2008-4431
SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the cleanstring function in includes/functions.php...
CVE-2008-4431
CVE-2008-4431 describes a SQL injection in IceBB 1.0-rc9.3 and earlier, exploitable via the skin parameter in index.php. The root cause is a likely flaw in the protection mechanism within the clean_string function in includes/functions.php, allowing remote attackers to execute arbitrary SQL comma...