CVE-2007-6083

IceBB 1.0-rc6 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gu1ll4um3r0m41n · phpwebappsphp

https://www.exploit-db.com/exploits/4634

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] http://osvdb.org/38732

[Various Sources] http://www.aeroxteam.fr/advisory-IceBB-1.0rc6.txt

[Various Sources] http://www.aeroxteam.fr/exploit-IceBB-1.0rc6.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/38550

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/483916/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/483926/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/26483

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4634

[Third Party Advisory] http://secunia.com/advisories/27709

Scores

EPSS 0.0223

EPSS Percentile 84.6%

Details

CWE

CWE-89

Status published

Products (1)

icebb/icebb 1.0-rc6

Published Nov 22, 2007

Tracked Since Feb 18, 2026