VULHUB ™

Multiple input validation vulnerabilities affect the login form of phpBB. These issues are due to a failure of the application to perform proper sanitization prior to including user-supplied input in dynamically generated content and SQL queries. An attacker may leverage these issues to execute arbitrary client side script code in the browser of an unsuspecting user and inject arbitrary SQL syntax into SQL queries. This may potentially lead to theft of cookie-based authentication credentials, theft of sensitive information or corruption of data as well as other attacks. It should be noted that it is possible that one or more of these issues has been reported in a previous BID. This BID will be updated as more information becomes available.

Multiple input validation vulnerabilities affect the login form of phpBB. These issues are due to a failure of the application to perform proper sanitization prior to including user-supplied input in dynamically generated content and SQL queries. An attacker may leverage these issues to execute arbitrary client side script code in the browser of an unsuspecting user and inject arbitrary SQL syntax into SQL queries. This may potentially lead to theft of cookie-based authentication credentials, theft of sensitive information or corruption of data as well as other attacks. It should be noted that it is possible that one or more of these issues has been reported in a previous BID. This BID will be updated as more information becomes available.