SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xmb | Xmb_forum | 1.8_sp3 (including) | 1.8_sp3 (including) |
| Xmb | Xmb_forum | 1.9_beta (including) | 1.9_beta (including) |
References
- http://marc.info/?l=bugtraq\u0026m=108032355905265\u0026w=2
- http://securitytracker.com/id?1009561
- http://www.osvdb.org/16886
- http://www.securityfocus.com/bid/9983
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15655
- http://marc.info/?l=bugtraq\u0026m=108032355905265\u0026w=2
- http://securitytracker.com/id?1009561
- http://www.osvdb.org/16886
- http://www.securityfocus.com/bid/9983
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15655