• info
• discussion
• exploit
• solution
• references

Myphp Forum CVE-2007-6667 SQL-Injection Vulnerability

Myphp Forum is prone to a sql-injection vulnerability. SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.