DeluxeBB 'misc.php' SQL Injection Vulnerability Network Vulnerability

Summary

DeluxeBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. DeluxeBB 1.3 and earlier versions are vulnerable.

Solution

Upgrade to newer Version if available.

References

http://www.deluxebb.com/
http://www.securityfocus.com/bid/34174

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1033

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AdaptBB Multiple Input Validation Vulnerabilities
ApPHP MicroBlog Remote Code Execution Vulnerability
Apache Tomcat /servlet Cross Site Scripting
Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
Alchemy Eye HTTP Command Execution

Take action and discover your vulnerabilities