CVE-2007-1902

Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php.

Link	Resource
http://marc.info/?l=full-disclosure&m=117914598917534&w=2
http://www.netvigilance.com/advisory0019	Exploit Vendor Advisory
http://www.osvdb.org/33907
http://www.securityfocus.com/bid/23964
http://secunia.com/advisories/25279
http://www.vupen.com/english/advisories/2007/1816
https://exchange.xforce.ibmcloud.com/vulnerabilities/34258
http://www.securityfocus.com/archive/1/468536/100/0/threaded

Configuration 1

cpe:2.3:a:sonicbb:sonicbb:1.0:*:*:*:*:*:*:*

---

Published : 2007-05-14 09:19

Updated : 2018-10-16 04:41

---

NVD link : CVE-2007-1902

Mitre link : CVE-2007-1902

No products.

NVD-CWE-Other