Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Remediation

References

CVE-2007-4653

Related Vulnerabilities

phpMyAdmin Other Vulnerability (CVE-2006-6944)

SharePoint CVE-2020-17118 Vulnerability (CVE-2020-17118)

WordPress Plugin Download from files Arbitrary File Upload (1.48)

PHP Improper Input Validation Vulnerability (CVE-2008-3660)

WordPress Plugin WP Statistics Cross-Site Scripting (13.0.9)

Severity

High

Classification

CVE-2007-4653 CWE-138

Tags

Missing Update Known Vulnerabilities