Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Remediation

References

CVE-2007-4653

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20280)

WordPress Plugin Booking Calendar SQL Injection (8.4.4)

WordPress Plugin Elementor Addon Elements Cross-Site Request Forgery (1.11.7)

WordPress Plugin iThemes Exchange:Simple WP Ecommerce Cross-Site Scripting (1.11.18)

WordPress Improper Input Validation Vulnerability (CVE-2011-4957)

Severity

High

Classification

CVE-2007-4653 CWE-138

Tags

Missing Update Known Vulnerabilities