Vendor: OvBB
By: Unknown
CVSS: 7.5 (HIGH)
SQL Injection
CWE: 89
Product Name: OvBB
Affected Version From: 0.08a
Affected Version To: 0.08a
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Unknown
OvBB Multiple SQL Injection Vulnerabilities
The OvBB forum software is prone to multiple SQL injection vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Mitigation:
To mitigate the SQL injection vulnerabilities in OvBB, it is recommended to sanitize user input before using it in SQL queries or use prepared statements with parameterized queries. Regularly updating to the latest version of OvBB may also help in preventing such vulnerabilities.