CVE-2009-3208
CVE-2009-3208 concerns phpfreeBB 1.0, where SQL injection flaws exist in two vulnerable parameters: id in permalink.php and year in index.php. The underlying issue is improper handling of user-supplied input, allowing remote attackers to craft SQL statements that can be executed by the database. ...