CVE-2008-6301

CVE-2008-6301 : A SQL injection vulnerability affects the Small ShoutBox module 1.4 for phpBB via the id parameter in the delete action in shoutbox_view.php. Remote attackers could potentially execute arbitrary SQL commands. The connected documents provide explicit details of affected software an...

phpBB Small ShoutBox模块shoutbox_view.php脚本SQL注入漏洞

BUGTRAQ ID: 32287 Small ShoutBox模块是phpBB论坛中所使用的一个留言板模块。 如果mode设置为delete的话，Small ShoutBox模块的shoutboxview.php文件没有正确地过滤对id参数的输入便用在了SQL查询中： File shoutboxview.php 50. $id = isset$HTTPGETVARS'id' ? $HTTPGETVARS'id' : $HTTPPOSTVARS'id'; 168. if $mode == "delete" && $adel 169. 170. $sql = "DELETE FROM "...

phpBB Mod Small ShoutBox 1.4 - Remote EditDelete Messages

phpBB Mod Small ShoutBox 1.4 - Remote EditDelete Messages / -------------------------------------------------------------- phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln -------------------------------------------------------------- Discovered By StAkeRathotmaildotit Download On...