Release DateDec 08, 2009 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against an SQL injection vulnerability in Flexbb.The vulnerability exists in includes/start.php when it handles a specially crafted flexbb_lang_id COOKIE parameter. It allows a remote attacker to execute arbitrary SQL commands. |
Affected ProductsFlexBB FlexBB 1.0 10005 Beta Release 1 |
Recommended ActionsUpdate to the latest versions:http://www.flexbb.net/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-1729 |
Reference/shttp://www.securityfocus.com/bid/23161 (BugTraq)http://www.frsirt.com/english/advisories/2007/1141 (FrSIRT) |
