CVE-2006-0750 Information

Description

SQL injection vulnerability in army.php in supersmashbrothers (SSB) Army System 2.1.0 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the userstat parameter in an army action to index.php.

Reference

http://secubox.shadock.net/Invision_Power_Board_Army_System_Mod_2.1_and_prior_SQL_Injection_Exploit.html http://secunia.com/advisories/18840 http://www.securityfocus.com/archive/1/424846/100/0/threaded http://www.securityfocus.com/bid/16606 http://www.vupen.com/english/advisories/2006/0561 https://exchange.xforce.ibmcloud.com/vulnerabilities/24654