cve/CVE-2012-1603.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

822 B

Raw Permalink Blame History

CVE-2012-1603

Description

Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function.

POC

Reference

http://packetstormsecurity.org/files/111250/NextBBS-0.6.0-Authentication-Bypass-SQL-Injection-XSS.html

Github

No PoCs found on GitHub currently.

822 B Raw Permalink Blame History

CVE-2012-1603

Description

POC

Reference

Github

822 B

Raw Permalink Blame History