SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xmb | Xmb_forum | 1.8_sp3 (including) | 1.8_sp3 (including) |
Xmb | Xmb_forum | 1.9_beta (including) | 1.9_beta (including) |