Critical SQL Injection Vulnerability in bony2023 Discussion-Board (CVE-2021-218378)

Critical SQL Injection Vulnerability in bony2023 Discussion-Board (CVE-2021-218378)

CVE-2015-10051 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The patch is identified as 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.