Summary
AdaptBB is prone to multiple security vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, an arbitrary-file-upload issue, and an arbitrary-command-execution issue.
Exploiting these issues can allow an attacker to upload and execute arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks may also be possible.
AdaptBB 1.0 Beta is vulnerable
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
- AjaxPortal 'di.php' File Inclusion Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- 68designs 68kb Multiple Remote File Include Vulnerabilities
- Atmail Multiple Unspecified Security Vulnerabilities.