icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

miniBB < 1.7f index.php user Parameter SQL Injection

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is using the miniBB forum management system. According to its version number, this forum is vulnerable to a SQL injection attack that may allow an attacker to execute arbitrary SQL statements against the remote database.

Solution

Upgrade to miniBB 1.7f or higher.