SQL Injection Vulnerability in Advanced Guestbook for phpBB
CVE-2006-7077

Currently unrated

Key Information:

Vendor: PHPbb Group
Status: PHPbb Advanced Guestbook
Vendor: CVE Published:; 2 March 2007

🔔 Create PHPbb Group Vulnerability Alert

What is CVE-2006-7077?

An SQL injection vulnerability exists in the 'guestbook.php' file of Advanced Guestbook 2.4, allowing remote attackers to manipulate SQL queries through the 'entry' parameter. This could lead to unauthorized access to sensitive data or execution of arbitrary SQL commands, posing significant risks to the integrity and confidentiality of the database.

References

http://securityreason.com/securityalert/2323

third-party-advisoryx_refsource_SREASON

http://www.majorsecurity.de/advisory/major_rls25.txt

x_refsource_MISC

http://archives.neohapsis.com/archives/bugtraq/2006-07/03...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2007
Vulnerability Reserved
Feb 27, 2007

CVE-2006-7077 Data

JSON