VULHUB ™

Phorum is prone to an SQL injection vulnerability. The registration script does not adequately filter SQL syntax from user-supplied input before including it in a database query. As a result, remote attackers may influence the logic and structure of database queries made by the software. This vulnerability could potentially be exploited to compromise the bulletin board installation, disclose sensitive information from within the database or even to launch attacks against the database implementation.

Phorum is prone to an SQL injection vulnerability. The registration script does not adequately filter SQL syntax from user-supplied input before including it in a database query. As a result, remote attackers may influence the logic and structure of database queries made by the software. This vulnerability could potentially be exploited to compromise the bulletin board installation, disclose sensitive information from within the database or even to launch attacks against the database implementation.