PostNuke PNPHPBB2 Module Index.PHP SQL Injection Vulnerability

info
discussion
exploit
solution
references

PostNuke PNPHPBB2 Module Index.PHP SQL Injection Vulnerability

The PostNuke PNPHPBB2 module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

This issue affects PNPHPBB2 1.2; prior versions are also affected.