CVE-2007-4653

Description

SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action.

Affected products

• phpBB / phpBB2.0.22

References

• EXPLOIThttps://www.exploit-db.com/exploits/4346
• MISChttp://www.securityfocus.com/bid/25501
• MISChttp://osvdb.org/38427