OvBB SQL vulnerabilities.

2005-11-24T00:00:00
ID SECURITYVULNS:DOC:10339
Type securityvulns
Reporter Securityvulns
Modified 2005-11-24T00:00:00

Description


Vuln. discovered by: r0t
Date: 24 Nov. 2005
Original advisory: http://pridels.blogspot.com/2005/11/ovbb-sql-vulnerabilities.html
Vendor: http://www.ovbb.org/
Affected version: V0.08a and prior

Vuln. description: Input passed to the "threadid" parameter in "thread.php" isn't properly sanitised before being used in a SQL query. Likewise, input passed to the "userid" parameter in "profile.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Examples:
http://host/forums/thread.php?threadid=[SQL]
http://host/forums/profile.php?userid=[SQL]

Solution: Edit the source code to ensure that input is properly sanitised.
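
One way to apply this fix to an integer ID parameter such as "threadid" or "userid", as an added example that is not OvBB's code or part of the original advisory: the value is validated as a positive integer and then bound as a query parameter instead of being concatenated into the SQL string. The table and column names, the helper functions and the in-memory SQLite database are assumptions made so the example runs on its own.

```php
<?php
declare(strict_types=1);

// Added example, not OvBB source. Schema and function names are hypothetical.
// Pattern the advisory describes (assumed shape): the raw request value is
// appended to the query text, e.g. "... WHERE threadid = " . $_GET['threadid'].

/** Return the ID as an int, or null unless $raw is a plain positive decimal string. */
function parse_id($raw): ?int
{
    // Non-strings cover a missing parameter and array input (?threadid[]=1).
    if (!is_string($raw) || preg_match('/^[1-9][0-9]{0,8}$/D', $raw) !== 1) {
        return null;
    }
    return (int) $raw;
}

/** Look up one thread; null means "bad input or no such thread". */
function fetch_thread(PDO $db, $rawThreadId): ?array
{
    $id = parse_id($rawThreadId);
    if ($id === null) {
        return null; // a real handler would answer with HTTP 400 here
    }
    // The placeholder keeps the value out of the SQL text entirely.
    $stmt = $db->prepare('SELECT threadid, title FROM thread WHERE threadid = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE thread (threadid INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO thread (threadid, title) VALUES (1, 'Welcome')");
$db->exec("INSERT INTO thread (threadid, title) VALUES (2, 'Rules')");

// Constructed inputs: one valid ID, then values that must never reach the query.
foreach (['2', '2 and more text', '', '-1', ['2']] as $raw) {
    $row = fetch_thread($db, $raw);
    $result = $row === null ? 'rejected or not found' : $row['title'];
    echo json_encode($raw), ' => ', $result, "\n";
}
```

The same validation and binding apply to "userid" in "profile.php"; in a real handler `$rawThreadId` would come from `$_GET['threadid'] ?? null`.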