CVE-2004-1555 Information

Description

Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp (2) handle parameter to profile.asp (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.

Reference

http://marc.info/?l=bugtraq&m=109630777608244&w=2 http://secunia.com/advisories/12658 http://securitytracker.com/id?1011419 http://www.securityfocus.com/bid/11250 https://exchange.xforce.ibmcloud.com/vulnerabilities/17498 https://exchange.xforce.ibmcloud.com/vulnerabilities/17500 https://exchange.xforce.ibmcloud.com/vulnerabilities/17501 https://exchange.xforce.ibmcloud.com/vulnerabilities/17502