CVE-2005-2989 Information

Description

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php the uid parameter to (2) misc.php or (3) pm.php or the fid parameter to (3) forums.php or (4) newpost.php.

Reference

http://secunia.com/advisories/16819 http://www.securityfocus.com/bid/14851 http://www.vupen.com/english/advisories/2005/1752