DeluxeBB SQL Injection And PHP Injection Vulnerabilities

info
discussion
exploit
solution
references

DeluxeBB SQL Injection And PHP Injection Vulnerabilities

DeluxeBB is prone to an SQL-injection vulnerability and a PHP-injection vulnerability.

Attackers can exploit these issues to execute arbitrary script code in the context of the webserver, compromise the application, modify the way the site is rendered, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect DeluxeBB 1.2 and prior versions.