Description

SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter.

Remediation

References

CVE-2014-10029

Related Vulnerabilities

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4401)

Moodle Other Vulnerability (CVE-2007-1429)

MySQL CVE-2020-2925 Vulnerability (CVE-2020-2925)

MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)

Severity

High

Classification

CVE-2014-10029 CWE-138

Tags

Missing Update Known Vulnerabilities