PHP-Ultimate WebBoard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056805 漏洞类型
发布时间 2008-08-25 更新时间 2008-08-25
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/32295
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/30822/info

PHP-Ultimate Webboard is prone multiple-input validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

Successful exploits will allow unauthorized attackers to delete arbitrary questions and answers. Attackers may also exploit these issues to perform SQL-injection attacks.

PHP-Ultimate Webboard 2.0 is vulnerable; other versions may also be affected. 

http://www.example.com/webboard/admindel.php?action=delete&mode=question&qno=[NUM]&ano=[NUM]