CVE-2014-2339
GNUboard 5.x - Authenticated SQL Injection via Subject or Content Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-2339. PoCs published by Claepo Wang.
AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in GNUboard, specifically in the ajax.autosave.php endpoint. It lacks executable exploit code but outlines the vulnerability and potential impact.
Description
Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter.
Exploits (1)
The provided text describes a SQL injection vulnerability in GNUboard, specifically in the ajax.autosave.php endpoint. It lacks executable exploit code but outlines the vulnerability and potential impact.