OpenBB 1.0/1.1 Board.PHP Remote SQL Injection Vulnerability

ID SSV:76319
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequences will vary depending on the underlying database implementation.<something>

where <something> represents a SQL query.