[VIM] phpfreeBB Multiple SQL Injection Vulnerabilities
George A. Theall
theall at tenable.com
Sat Oct 23 19:47:06 CDT 2010
SecurityFocus created Bugtraq 44272 recently to cover SQL injection
vulnerabilities reported by Moudi in August 2009: http://packetstormsecurity.org/0908-exploits/phpfreebb-sql.txt
. Reportedly 'index.php' and 'permalink.php' are the two files
affected. Yet if you grab a copy of the software (eg,http://switch.dl.sourceforge.net/project/phpfreebb/phpfreebb/1.0/bb.zip)
and look inside, neither file exists.
This may be simply a cut-and-paste mistake on Moudi's part, but the
issue definitely is not in phpfreeBB.
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list