VULHUB ™

An SQL injection vulnerability has been reported for phpBB systems that may result in the disclosure of user password hashes; other attacks may also be possible. phpBB, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries to execute on the underlying database. As a result, it is possible to manipulate SQL queries. This may allow a remote attacker to modify query logic or potentially corrupt the database.

An SQL injection vulnerability has been reported for phpBB systems that may result in the disclosure of user password hashes; other attacks may also be possible. phpBB, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries to execute on the underlying database. As a result, it is possible to manipulate SQL queries. This may allow a remote attacker to modify query logic or potentially corrupt the database.