Summary
CelerBB is prone to an information-disclosure vulnerability and multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data.
A successful attack could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
CelerBB 0.0.2 is vulnerable
other versions may also be affected.
Severity
Classification
-
CVE CVE-2009-0711 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Apache Subversion Module Metadata Accessible