Philboard.Philboardforum.Asp.SQL.Injection
Description
Philboard has a SQL-injection vulnerability. A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request to the "philboard_forum.asp" script with injected SQL statements in the "forumid" parameter.
Affected Products
Philboard version 1.14 and prior.
Impact
Data Manipulation.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://www.nabocorp.com/nabopoll/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |