Vulnerabilities > CVE-2006-1153 - SQL Injection vulnerability in D2-Shoutbox 4.2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
d2-shoutbox
exploit available

Summary

SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).

Vulnerable Configurations

Part Description Count
Application
D2-Shoutbox
1

Exploit-Db

descriptionD2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit. CVE-2006-1153. Webapps exploit for php platform
fileexploits/php/webapps/1556.pl
idEDB-ID:1556
last seen2016-01-31
modified2006-03-06
platformphp
port
published2006-03-06
reporterSkOd
sourcehttps://www.exploit-db.com/download/1556/
titleD2-Shoutbox 4.2 IPB Mod load Remote SQL Injection Exploit
typewebapps