8 lines
No EOL
676 B
Text
8 lines
No EOL
676 B
Text
source: https://www.securityfocus.com/bid/11982/info
|
|
|
|
Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries.
|
|
|
|
An attacker may exploit these issues to manipulate SQL queries to the underlying database. This may facilitate theft of sensitive information, potentially including authentication credentials, and data corruption.
|
|
|
|
http://host/support/ikonboard.cgi?act=ST&f=27&t=13066&hl=nickname&st=[SQL_Syntax]
|
|
http://host/support/ikonboard.cgi?act=Search&CODE=01&keywords=[SQL_Syntax]&type=name&forums=all&search_in=all&prune=0 |