Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Remediation

References

CVE-2007-4653

Related Vulnerabilities

WordPress Plugin Webapp builder (Free mobile apps native iPhone iOS & Android Winphone mobile apps) Arbitrary File Upload (2.0)

WordPress Plugin Booking Calendar Contact Form Cross-Site Scripting (1.0.24)

WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.7)

MySQL CVE-2021-35546 Vulnerability (CVE-2021-35546)

Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684)

Severity

High

Classification

CVE-2007-4653 CWE-138

Tags

Missing Update Known Vulnerabilities