The vulnerability involves SQL injection via the 'catids' parameter in Kunena's advanced search page due to lack of input sanitization and parameterized queries. Exploitation can also leak sensitive information such as software versions and system paths through error messages.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Kunena < 1.5.14, < 1.6.3
No auth needed
Prerequisites:Access to the Kunena advanced search page