SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Minibb | Minibb | 1.2 (including) | 1.2 (including) |
Minibb | Minibb | 1.5 (including) | 1.5 (including) |
Minibb | Minibb | 1.6 (including) | 1.6 (including) |
Minibb | Minibb | 1.7 (including) | 1.7 (including) |
Minibb | Minibb | 1.7a (including) | 1.7a (including) |
Minibb | Minibb | 1.7c (including) | 1.7c (including) |