CVE-2006-4632 Information

Description

Multiple SQL injection vulnerabilities in SoftBB 0.1 and possibly earlier allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.

Reference

http://acid-root.new.fr/advisories/10060904.txt http://secunia.com/advisories/21761 http://securityreason.com/securityalert/1521 http://securitytracker.com/id?1016785 http://www.osvdb.org/28577 http://www.osvdb.org/28578 http://www.securityfocus.com/archive/1/445087/100/0/threaded http://www.vupen.com/english/advisories/2006/3478 https://exchange.xforce.ibmcloud.com/vulnerabilities/28747 https://www.exploit-db.com/exploits/2300