Description
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter.
Remediation
References
Related Vulnerabilities
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
Oracle Database Server CVE-2019-2913 Vulnerability (CVE-2019-2913)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-35652)
Moodle Improper Input Validation Vulnerability (CVE-2019-10134)
WordPress Plugin Phoenix Media Rename Security Bypass (3.4.2)