SQL injection vulnerability in search.inc.php in Unclassified NewsBoard prior to 1.5.3 Patch 4 allows remote malicious users to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
newsboard unclassified newsboard |