Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Remediation

References

CVE-2007-4653

Related Vulnerabilities

WordPress Plugin Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2)

WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.4.4)

WordPress Plugin Easy FancyBox Cross-Site Scripting (1.8.17)

WordPress Plugin Print, PDF, Email by PrintFriendly Multiple Cross-Site Scripting Vulnerabilities (3.3.7)

WordPress Plugin YouTube Embed Cross-Site Scripting (3.3.2)

Severity

High

Classification

CVE-2007-4653 CWE-138

Tags

Missing Update Known Vulnerabilities