CVE-2011-5137 Information

Description

Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php the (2) BoardID parameter to viewboard.php or (3) CatID parameter to viewcat.php.

Reference

http://packetstormsecurity.org/files/view/108184/tforum-sqlxss.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/71975