Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote malicious users to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ovbb ovbb 0.5a |
||
ovbb ovbb 0.6a |
||
ovbb ovbb 0.3a |
||
ovbb ovbb 0.7a |
||
ovbb ovbb 0.4a |
||
ovbb ovbb 0.2a |
||
ovbb ovbb 0.8a |
||
ovbb ovbb 0.1a |