Required CVE Record Information
Description
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.
References 5 Total
- marc.info: 20050124 Multiple vulnerabilities in MercuryBoard 1.1.1 mailing-list
- http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70
- securitytracker.com: 1013137 vdb-entry
- marc.info: 20050209 Mercuryboard =?iso-8859-1?Q?<=3D?= 1.1.1 Working Sql Injection mailing-list
- exchange.xforce.ibmcloud.com: mercuryboard-index-sql-injection(19051) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- marc.info: 20050124 Multiple vulnerabilities in MercuryBoard 1.1.1 mailing-listx_transferred
- http://cvs.sunsite.dk/viewcvs.cgi/mercury/func/post.php.diff?r1=1.68&r2=1.70 x_transferred
- securitytracker.com: 1013137 vdb-entryx_transferred
- marc.info: 20050209 Mercuryboard =?iso-8859-1?Q?<=3D?= 1.1.1 Working Sql Injection mailing-listx_transferred
- exchange.xforce.ibmcloud.com: mercuryboard-index-sql-injection(19051) vdb-entryx_transferred