SQL injection vulnerability in includes/functions/banners-external.php in phpBP 2 RC3 (2.204) FIX 4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a banner_out action.
References
Configurations
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) http://www.phpbp.com/filedownload-phpbp2-RC3-204-fix5_22.html - URL Repurposed |
Information
Published : 2008-03-20 10:44
Updated : 2024-02-28 11:21
NVD link : CVE-2008-1408
Mitre link : CVE-2008-1408
CVE.ORG link : CVE-2008-1408
JSON object : View
Products Affected
phpbp
- phpbp
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')