Description
phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the resulting error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin Payment Gateways Caller for WP e-Commerce Local File Inclusion (0.1)
Joomla Improper Input Validation Vulnerability (CVE-2015-8562)
WordPress Plugin Gallery from files Multiple Vulnerabilities (1.60)
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)
Dolibarr Improper Authentication Vulnerability (CVE-2017-8879)