SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-02-01T20:00:00Z

Updated: 2024-09-16T17:53:36.914Z

Reserved: 2006-02-01T00:00:00Z

Link: CVE-2005-4702

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-12-31T05:00:00.000

Modified: 2024-11-21T00:04:58.227

Link: CVE-2005-4702

cve-icon Redhat

No data.