← back
CVE-2006-1638

CVE-2006-1638

EPSS 1.8%
Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter to (a) accounts.php, (b) changep.php, (c) editac.php, (d) feedback.php, (e) fpass.php, (f) login.php, (g) post.php, (h) reply.php, or (i) reply_log.php; (2) p parameter to (j) dpost.php; (3) c parameter to (k) list.php or (l) ndis.php; or (12) q parameter to (m) search.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://evuln.com/vulns/117/summary.htmlhttp://secunia.com/advisories/19486https://exchange.xforce.ibmcloud.com/vulnerabilities/25587http://www.osvdb.org/24340http://www.osvdb.org/24341http://www.osvdb.org/24342http://www.osvdb.org/24343http://www.osvdb.org/24344http://www.osvdb.org/24345http://www.osvdb.org/24346http://www.osvdb.org/24347http://www.osvdb.org/24348