Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyPHP Forum 'post.php' 和 'member.php' 多个SQL注入漏洞
Vulnerability Description
MyPHP Forum 3.0及之前版本存在多个SQL注入漏洞。远程攻击者可以借助(1)确认操作中的id 参数,(2)再次确认操作中的用户参数,(3)对member.php的reqpwd操作,(4)登录操作中的引用参数以及(5)对post.php的编辑操作中的pid参数,执行任意的SQL指令。
CVSS Information
N/A
Vulnerability Type
N/A