CVE-2009-0882 Information

Description

Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.

Reference

http://www.securityfocus.com/archive/1/501560/100/0/threaded http://www.securityfocus.com/bid/34030