Home > Discussion Boards, SQL Injection > PunBB Attachment Plugin “secure_str” SQLi

PunBB Attachment Plugin “secure_str” SQLi

December 1st, 2009

Application: PunBB
Affected Version: version 1.0.2 and other versions.
Vendor’s URL: PunBB Attachment Plugin
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Discussion Boards, SQL Injection

Comments are closed.