6 matches found
Sql injection
Multiple SQL injection vulnerabilities in 1 setupmysql.php and 2 setupoptions.php in miniBB 2.2 and possibly earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php...
CVE-2008-2029
Multiple SQL injection vulnerabilities in 1 setupmysql.php and 2 setupoptions.php in miniBB 2.2 and possibly earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php...
CVE-2008-2029
Multiple SQL injection vulnerabilities in 1 setupmysql.php and 2 setupoptions.php in miniBB 2.2 and possibly earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php...
CVE-2004-2456
CVE-2004-2456 is a SQL injection in miniBB (index.php, userinfo action) affecting miniBB 1.7f and earlier. The vulnerability arises from unsanitized input in the user parameter of index.php, enabling remote attackers to execute arbitrary SQL commands. The connected Nessus/NASL entries reference a...
CVE-2004-2456
SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action...
MiniBB 1.7f - user SQL Injection
MiniBB 1.7f - user SQL Injection Example: http://target/minibb/index.php?action=userinfo&user=1%20union%20select%201,2,userpassword%20from%20minibbusers/ milw0rm.com 2004-11-16...