|Title:||miniBB sql injection|
|Summary:||Determine if MiniBB can be used to execute arbitrary SQL commands|
The remote host is using the miniBB forum management system.
According to its version number, this forum is vulnerable to a
sql injection attack which may allow an attacker to execute arbitrary
SQL statements against the remote database.
Solution: Upgrade to miniBB 1.7f or newer
Risk factor : High
BugTraq ID: 11688|
Common Vulnerability Exposure (CVE) ID: CVE-2004-2456
XForce ISS Database: minibb-user-sql-injection(18080)
|Copyright||This script is Copyright (C) 2004 Tenable Network Security|
|This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.