CVE-2008-6100
CVE-2008-6100 documents multiple SQL injection vulnerabilities in the older system Discussion Forums 2k 3.3 when magic_quotes_gpc is disabled. The faults allow remote attackers to craft input via (1) CatID parameters to RSS1.php and RSS2.php (in misc/) and (2) SubID to RSS5.php (in misc/) to exec...