CVE-2005-4612 Information

Description

Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php (2) t parameter to viewtopic.php and (3) view parameter to usercp.php.

Reference

http://pridels0.blogspot.com/2005/11/vubb-forum-sql-and-xss-vuln.html http://www.osvdb.org/21329 http://www.osvdb.org/21330 http://www.osvdb.org/21331 https://exchange.xforce.ibmcloud.com/vulnerabilities/24350