• info
• discussion
• exploit
• solution
• references

phpBB Profile.PHP SQL Injection Vulnerability

The following proof of concept has been supplied:
http://www.example.com/profile.php?mode=viewprofile&u='[sqlcode]