Description

SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter.

Remediation

References

CVE-2014-10029

Related Vulnerabilities

Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)

Drupal Core 8.x.x Information Disclosure (8.0.0 - 8.7.14)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)

Oracle JRE CVE-2012-5083 Vulnerability (CVE-2012-5083)

WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0)

Severity

High

Classification

CVE-2014-10029 CWE-138

Tags

Missing Update Known Vulnerabilities