• info
• discussion
• exploit
• solution
• references

BroadBoard Message Board Multiple SQL Injection Vulnerabilities

No exploit is required to leverage this issue. The following proof of concepts have been provided:

http://broadboard/forum/search.asp?archives=1&action=1&keywords=['SQLcode]&method=1&method=1&body=1&subject=1&board=1&results=1
http://broadboard/forum/profile.asp?handle=['SQL code]