SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote malicious users to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
flexbb flexbb 0.5.5 |