Description

SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter.

Remediation

References

CVE-2003-1530

Related Vulnerabilities

Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)

Oracle Database Server CVE-2019-2913 Vulnerability (CVE-2019-2913)

Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-35652)

Moodle Improper Input Validation Vulnerability (CVE-2019-10134)

WordPress Plugin Phoenix Media Rename Security Bypass (3.4.2)

Severity

High

Classification

CVE-2003-1530 CWE-138

Tags

Missing Update Known Vulnerabilities