4 matches found
CVE-2005-4346
Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier allows remote attackers to obtain the full path of the application via an invalid permalink parameter to index.php, which produces an invalid SQL query that leaks the full pathname in a SQL syntax error message. NOTE: this was...
CVE-2005-4346
Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier allows remote attackers to obtain the full path of the application via an invalid permalink parameter to index.php, which produces an invalid SQL query that leaks the full pathname in a SQL syntax error message. NOTE: this was...
CVE-2005-4346
phpBB Blog 2.2.2 and earlier: A function in blog.php causes an invalid SQL query when the permalink parameter to index.php is cleansed to empty (non-digit chars stripped), leading to a SQL syntax error that leaks the full application pathname. This is not a true SQL injection in practice, but the...
phpBB Blog 2.2.2 SQL inj. vuln.
phpBB Blog 2.2.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/phpbb-blog-222-sql-inj-vuln.html vendor:http://www.outshine.com/phpbbblog/ affected version:2.2.2 and prior Product Description: This is a blog system for phpBB. It...