CVE-2014-2339 Information

Description

Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter.

Reference

http://seclists.org/fulldisclosure/2014/Mar/299 http://www.securityfocus.com/bid/66228 https://exchange.xforce.ibmcloud.com/vulnerabilities/91814