CVE-2003-0215

Description

SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the (1) username and (2) password fields, and possibly other fields.

Affected products

• battleaxe_software / bttlxeforum2.0_beta_3

References

• MISChttp://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812
• MISChttp://securitytracker.com/id?1006632
• MAILING_LISThttp://marc.info/?l=bugtraq&m=105120052725940&w=2