CVE-2005-3870 Information

Description

Multiple SQL injection vulnerabilities in edmobbs9r.php in edmoBBS 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) table and (2) messageID parameters.

Reference

http://pridels0.blogspot.com/2005/11/edmobbs-sql-inj-vuln.html http://secunia.com/advisories/17726 http://www.osvdb.org/21132 http://www.securityfocus.com/bid/15589 http://www.vupen.com/english/advisories/2005/2621