header-logo
Suggest Exploit
vendor:
BroadBoard Message Board
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: BroadBoard Message Board
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:broadboard:message_board
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

BroadBoard Message Board SQL Injection Vulnerabilities

The BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These vulnerabilities occur due to a failure in sanitizing user-supplied input before using it in an SQL query. An attacker can exploit these vulnerabilities to manipulate SQL queries, potentially revealing or corrupting sensitive database data. Additionally, these vulnerabilities can facilitate attacks against the underlying database software.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques. Additionally, using parameterized queries or prepared statements can help prevent SQL injection attacks. Regularly updating the software to the latest version is also advised.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11250/info
 
Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query.
 
An attacker may exploit these issues to manipulate SQL queries, potentially revealing or corrupting sensitive database data. These issues may also facilitate attacks against the underlying database software.

http://broadboard/forum/profile.asp?handle=['SQL code]

Navigation

Suggest Exploit

Services By CQR