DCForum 6.0 - Remote Admin Privilege Compromise Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2728/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. Versions of DCForum are vulnerable to attacks which can yield an elevation of privileges an...

Sql injection

SQL injection vulnerability in signin.aspx in Message Board / Threaded Discussion Forum Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter...

CVE-2007-4110

The CVE-2007-4110 entry describes an SQL injection in sign_in.aspx of a Message Board/Threaded Discussion Forum Application Template, allowing remote execution of arbitrary SQL via the Password parameter. The issue is caused by unsafely incorporated user input into SQL commands, exposing partial ...

Message Board / Threaded Discussion Forum SQL INJECTION

A R I A - S E C U R I T Y Message Board / Threaded Discussion Forum SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...