Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbb openbb 1.0.0 rc2 |
||
openbb openbb 1.0.8 |
||
openbb openbb 1.0.6 |
||
openbb openbb 1.0.0 beta1 |
||
openbb openbb 1.0.5 |
||
openbb openbb 1.0.0 rc3 |
||
openbb openbb 1.0.0 rc1 |