SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter.
source: wwwsecurityfocuscom/bid/17952/info
Chart Mod is prone to multiple input-validation vulnerabilities The issues include cross-site scripting and SQL-injection vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input
A successful exploit of these vulnerabilities could allow an ...