SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpbb | Phpbb_group | 1.4.1 | 1.4.1 |
Phpbb | Phpbb_group | 1.4.0 | 1.4.0 |