Description
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.
Exploits (1)
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52550
Exploit x_refsource_misc
http://packetstormsecurity.org/0908-exploits/phpfreebb-sql.txt
Scores
EPSS
0.0011
EPSS Percentile
29.2%
Details
CWE
CWE-89
Status
published
Products (1)
prakashatma_mishra/phpfreebb
1.0
Published
Sep 16, 2009
Tracked Since
Feb 18, 2026