Multiple SQL Injection Vulnerabilities in tForum b0.915

CVE-2011-5137 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.