Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Remediation

References

CVE-2007-4653

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3389)

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7930)

WordPress Plugin WPtouch Security Bypass (3.4.2)

Apache HTTP Server Numeric Errors Vulnerability (CVE-2011-3607)

WordPress Plugin Movies Cross-Site Scripting (0.6)

Severity

High

Classification

CVE-2007-4653 CWE-138

Tags

Missing Update Known Vulnerabilities