Summary
AdaptBB is prone to multiple security vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, an arbitrary-file-upload issue, and an arbitrary-command-execution issue.
Exploiting these issues can allow an attacker to upload and execute arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks may also be possible.
AdaptBB 1.0 Beta is vulnerable
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
- ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- b2ePMS Multiple SQL Injection Vulnerabilities
- Astium VoIP PBX SQL Injection Vulnerability
- Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability