CVE-2006-1811 Information

Description

Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the (1) id (2) forumid or (3) threadid parameter to index.php; the (4) ICQ (5) AIM (6) MSN (7) Google Talk (8) Website Name (9) Website Address (10) Email Address (11) Location (12) Signature and (13) Sub-Titles fields in the user profile; or (14) flexbb_password field in a cookie.

Reference

http://www.securityfocus.com/archive/1/431121/100/0/threaded http://www.securityfocus.com/bid/17574