GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections
| EKU-ID: 43474 | CVE: CVE-2014-2339;OSVDB-104445 | OSVDB-ID: |
| Author: Claepo Wang | Published: 2014-03-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43474 | CVE: CVE-2014-2339;OSVDB-104445 | OSVDB-ID: |
| Author: Claepo Wang | Published: 2014-03-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/66228/info GNUboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/bbs/ajax.autosave.php?content=1&subject=1[SQLi]