The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and previous versions allows remote malicious users to read arbitrary messages by modifying the id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbb openbb 1.0_.0_rc1 |
||
openbb openbb 1.0_.0_rc2 |
||
openbb openbb 1.0_.0_beta1 |
||
openbb openbb 1.0_.0_rc3 |
||
openbb openbb 1.0_.5 |
||
openbb openbb 1.0_.6 |