FreezingCold Broadboard - 'search.asp' SQL Injection

EDB-ID:

24625

Author:

pigrelax

Type:

webapps

Platform:

ASP

Published:

2004-09-27

source: http://www.securityfocus.com/bid/11250/info

Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query.

An attacker may exploit these issues to manipulate SQL queries, potentially revealing or corrupting sensitive database data. These issues may also facilitate attacks against the underlying database software.

http://broadboard/forum/search.asp?archives=1&action=1&keywords=